Biometric gameplay verification

ABSTRACT

Systems and methods for controlling access to online casino games are described herein. In one aspect, an authoritative image of a remote player is received and stored in a biometrical facial recognition database. The authoritative image can be linked with a player profile of a player tracking card holder. To play an online casino game, the remote player can provide an authentication image. The player&#39;s presence in the authentication image can be determined using a biometrical facial recognition software application. Upon successful authentication, a selection of online casino games can be displayed to the remote player. The real-time (e.g., during game play) identity of the remote player can be determined. If an authorized remote player has been replaced by an unauthorized remote player, the game play can be terminated. In another aspect, the remote player provides the authoritative image after receiving an invitation.

BACKGROUND

Field

The present application relates generally to gaming systems, and morespecifically to systems and methods for controlling access to onlinegames.

Description of the Related Art

A land-based casino operator (LBCO) can operate a player tracking cardsystem (PTCS) for creating player tracking cards (PTCs) for its players.A player may have to provide a pin number when a PTC is newly issued tothe player. The player may have to provide the pin number when accessinghis player profile or redeeming his reward points earned by, forexample, using the PTC to play casino games at a land-based casinooperated by the LBCO. However, an unscrupulous actor may obtain the pinnumber and pretend to be the remote player, for example, during a playof an online casino game.

SUMMARY

Accordingly, the systems and methods described herein, based on imageauthentication or other forms of biometric authentication, can be usedby operators such as land-based casino operators (LBCOs), online casinooperators (OCOs), or LBCOs/OCOs to authenticate or verify the identitiesof remote players in real time or to control access of remote players toonline games.

In one innovative aspect, a method for controlling access to onlinegames is provided. The method includes receiving a first image; andassociating the first image with a player profile of the remote player,the player profile stored in a player data store. The method alsoincludes receiving a second image from a gaming device; and comparingpixel information in the first image and the second image to determinewhether the remote player is present in the second image. The methodfurther includes causing display of graphical indicia of online gamesavailable for play via the gaming device based on the player profile ofthe remote player.

In another innovative aspect, a system for controlling access to onlinegames is disclosed. The system includes a biometric detector configuredto capture biometric information for authenticating a remote player; anda game interface configured to display graphical indicia of online gamesavailable for play by the remote player. The system also includes abiometric data storage database configured to store biometricinformation of the remote player and biometric information of playersprohibited from playing; a game storage database configured to store theonline games. The system further includes a microprocessor controlleddevice, for example a gaming device, configured to: receive permissionsfor the remote player, the permissions granting or denying access to thebiometric detector for capture of the biometric information; identify aset of online games available for play from the game storage databasebased at least in part on: the permissions, and a comparison ofbiometric information for the remote player with biometric informationof the players prohibited from playing; and display graphical indicia ofthe set of online games available for play by the remote player.

The systems and methods described each have several aspects, no singleone of which is solely responsible for its desirable attributes. Withoutlimiting the scope of this disclosure as expressed by the claims whichfollow, some features will now be discussed briefly. After consideringthis discussion, and particularly after reading the section entitled“Detailed Description” one will understand how the features describedprovide advantages that include authentication of players interactingwith an online system or service such as a casino gaming system, agerestricted content systems (e.g., adult content, alcohol, fire arms,etc.), or other systems or services with identity based accessrestrictions.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a functional block diagram of an exemplary system forcontrolling access to online games.

FIG. 2 shows a functional block diagram of a computer system forcontrolling access to online games shown in FIG. 1.

FIG. 3 is a flowchart of an exemplary method for controlling access toonline games.

FIG. 4 is a flowchart of an exemplary method for confirming thereal-time identity of a remote player.

FIG. 5 is a flowchart of an exemplary method for incorporating biometricfacial information into player profiles of existing player tracking cardholders.

FIG. 6 is a functional block diagram of a gaming device for controllingaccess of the player to online games.

FIGS. 7A-B are a schematic diagrams of messages that may be sent betweencomponents of the exemplary system for controlling access to onlinegames shown in FIG. 1.

DETAILED DESCRIPTION

The word “exemplary” is used herein to mean “serving as an example,instance, or illustration.” Any aspect or embodiment described herein as“exemplary” is not necessarily to be construed as preferred oradvantageous over other aspects or embodiments. Various aspects of thenovel systems, apparatuses, and methods are described more fullyhereinafter with reference to the accompanying drawings. This disclosuremay, however, be embodied in many different forms and should not beconstrued as limited to any specific structure or function presentedthroughout this disclosure. Rather, these aspects are provided so thatthis disclosure will be thorough and complete, and will fully convey thescope of the disclosure to those skilled in the art. Based on theteachings herein one skilled in the art should appreciate that the scopeof the disclosure is intended to cover any aspect of the novel systems,apparatuses, and methods disclosed herein, whether implementedindependently of, or combined with, any other aspect described. Forexample, an apparatus may be implemented or a method may be practicedusing any number of the aspects set forth herein. In addition, the scopeof the disclosure is intended to cover such an apparatus or method whichis practiced using other structure, functionality, or structure andfunctionality in addition to or other than the various aspects of thedisclosures set forth herein. It should be understood that any aspectdisclosed herein may be embodied by one or more elements of a claim.

Although particular aspects are described herein, many variations andpermutations of these aspects fall within the scope of the disclosure.Although some benefits and advantages of the preferred aspects arementioned, the scope of the disclosure is not intended to be limited toparticular benefits, uses, or objectives. Rather, aspects of thedisclosure are intended to be broadly applicable to differentcommunication technologies, system configurations, networks, andtransmission protocols, some of which are illustrated by way of examplein the figures and in the following description of the preferredaspects. The detailed description and drawings are merely illustrativeimplementations of certain features, with the scope of the disclosurebeing defined by the appended claims and equivalents thereof.

Although the description below focuses on gaming systems, in particularcasino gaming, the identity verification features described may beimplemented to provide authentication of users interacting with avariety of online systems or services where it may be desirable toimplement identity based access restrictions. In some implementations,the identity verification features described may be implemented toprovide authentication of players playing casino games on the premisesof a land-based casino. In some implementations, the identityverification features described may be implemented to provideauthentication of players who make cash wagers on the outcome of one ormore sporting events, other public events, or electronic-games (e-game)offered by one or more LBCOs or OCOs sportsbook(s), associated with anonline gaming website, to their remote players for wagering online.

An electronic game can be a game that employs electronics to create aninteractive system with which a player can play. Electronic-games can beplayed on a microchip-controlled device, for example a special gamingconsole other than a personal computer. Electronic-games may be playedusing an input interface, for example a joystick, to manipulate or movefigures or graphical symbols on a video display screen of the specialgaming console. Electronic-games can include electronic games thatrequire players to interact with a user terminal interface to generatevisual feedback on a display device such as a video screen or televisionas in a toy or an arcade machine. Video Electronic games can typicallyprovide interactivity and information to players via audio devices, forexample sound reproduction devices such as speakers and headphones.Electronic-games can include virtual reality, a hypotheticalthree-dimensional visual world created by a computer where players useinput/output devices such as special goggles or fiber optic gloves, andcan enter and move about in this world and interact with objects as ifinside it.

Gaming systems for playing e-games include Sony's PlayStation 3 and 4(PS3 and PS4), Microsoft's Xbox (Xbox One, XBox Live, and Xbox 360) andWii. Electronic games can be played using these gaming system andpersonal computers via online gaming platforms such as Steam. An onlinegaming platform can include a digital distribution platform offeringdigital rights management (DRM), multiplayer gaming and socialnetworking. An online gaming platform can deliver a range of games to acomputer's desktop. The online gaming platform can provide players withautomatic updates, lists of games and prices, posters, and access to alarge gaming community. Some or all of the features described may beincluded in an online gaming platform to allow biometric gameplayverification.

Player Tracking Card System and Database

A land-based casino operator (“LBCO”), for example a legally licenseLBCO, can operate a player rewards center (PRC) at a land-based casino(LBC) operated by the LBCO for managing players of the LBCO. The playerrewards center can be located within close proximity of slot machines orcasino table games of the LBC. A service assistant working at the playerrewards center can operate a player tracking card system (PTCS) forcreating player tracking cards (PTCs) for players at the LBC.

The LBCO can issue player tracking cards to qualified players. Aqualified player may be a player who can legally play the games at theLBC (e.g., the player may have to be 21 years of age or older). Aqualified player can wager on one or more types of slot machines, casinotable games, e-games, or sportsbooks located on the LBC's premise. Toshow that he can legally play the games at the LBCO, the qualifiedplayer may submit a government issued photograph identification (ID) ordocumentation (e.g., a state issued driver's license, or a passport), tothe service assistant. The photograph identification can includeinformation such as the player's name, social security number, date ofbirth (DOB), gender, address, or country of residence.

After verifying the validity of the photograph identification and thatthe player can legally gamble at the LBC, a player profile can becreated for the player. An electronic player tracking card database(PTCD) can be configured to store the player profile. The player profilecan contain the player's information, and the player's information canbe inputted into the player tracking card system (PTCS). For example,the service assistant can manually input the player's information intothe PTCS. As another example, the PTCS can be coupled with an electronicscanner configured for scanning the player's photograph identification.From the scanned photograph identification of the player, the PTCS canextract the player's information using an optical character recognition(OCR) method. The PTCD may be directly connected to the PTC, or the PTCScan communicate with the PTCD by wireless or wireless communications.

After the player's information is inputted into the PTCS, a playertracking card reader (PTCR), for example a magnetic strip reader,connected with the PTCS can create a player tracking card for theplayer. The player may have to provide a pin number for the newly issuedPTC. For example, the player can input a pin number using an electronickeypad coupled to the PTCS. The pin number can be stored in the PTCD.The pin number is a numeric code that the player selects to secureaccess their player tracking card.

The player may have to provide the pin number when accessing his playerprofile or redeeming his rewards points earned by, for example, usingthe PTC to play casino games at the LBC. For example, to review thereward points he has earned, he can insert his PTC into a PTCR connectedto a slot machine or other gaming device and input his pin number. Theslot machine or other gaming device may be connected to a network. Viathis network, the slot machine or other gaming device may be configuredto retrieve the player's player profile from the PTCD.

The player tracking card may provide a cost effective method for theLBCO to track and record the gaming activities of players. From therecord of gaming activities of the player, the LBCO can calculate theplayer's earning potential. For example, a player can earn reward pointsfor playing a slot machine if he inserts his PTC prior to, during, orsubsequent to, playing at the slot machine. The slot machine can providethe PTCS with the player's playing activities for storage in the PTCD.The PTCS can record data specific to the player's play of thatparticular slot machine. For example, the PTCS can record slot machinenumber, time in, time out, duration of play, coin in, coin out, win, orloss.

The PTCS can use the player's playing activity to calculate the player'scomplimentary value or true worth to the LBCO. The PTCS can calculatethe player's rewards points based on the player's complimentary value ortrue worth value. For example, a PTCH can earn points for each gamingsession. The player can use his reward points to book or purchase room,food, beverage, or anything of value that the LBCO makes available tothe player.

The name of the player and the PTC number may be printed on the PTC,while a photograph of the player may not be. The LBCO's contactinformation or an age specific warning may be printed on the PTC. Theage specific warning may state “Cardholder must be at least 21 years oldand by use of this card agrees to all terms and conditions now orhereafter applying to the card and its use. The card isnon-transferable, the property of the LBCO, and must be surrendered onrequest.”

A regulator of the LBCO, for example the State of Nevada's GamingControl Board, can approve and enforce the verification process that theLBCO uses to insure that a PTC is only issued to a player who canlegally play at the LBCO (for example, the player must be 21 years ofage or older). Because of the strict procedure employed by the LBCO toverify, prior to issuing a PTC to a player, it may be advantageous for aLBCO to charge an online casino operator (OCO) or a social media websiteassociated with an OCO for accessing the PTCS or the PTCD. The onlinecasino operator can offer online games, for example online free playgames, online fee-based games such as fee-based online casino tournamentgames, online cash play games, and/or wagering on sporting events ande-games, through its online sportsbook, to PTCHs. A PTCH playing onlinegames remotely, for example at his home and not on the premises of aland-based casino, can be a remote player. A remote player may access anonline casino website operated by an OCO located in a gamingjurisdiction or country wherein online casino gambling is legal. A LBCOlegally licensed to operate an online casino website can be a LBCO/OCO.

System for Controlling Access to Online Games

FIG. 1 shows a functional block diagram of an exemplary system 100 forcontrolling access to online games. This diagram shows a configurationfor one gaming system 104. However, a plurality of gaming systems 104may be available for controlling access to online games. It will beunderstood that the processes and systems described may be configured tosupport two or more gaming systems 104 of the same or different types.

Operators, for example a land-based operator 108 a, a land-based/onlineoperator 108 b, or an online operator 108 c can utilize the gamingsystem 104 via a network 112 to control access to online games by remoteplayers. Two or more operators can share the gaming system 104, or twooperators can each operate or maintain their own gaming systems 104.Remote players can use their microprocessor controlled devices, forexample gaming devices such as a gaming device 116 a, a gaming device116 b, or a gaming device 116 c, to access online games offered by theoperators via the network 112. A gaming device may be implemented as aphysical gaming machine installed at an operator's facility. Examples ofsuch gaming devices include slot machines, video card game machines(e.g., poker, keno, blackjack, etc.), bingo machines, oroff-track-betting consoles. Other examples of such gaming devicesinclude stadium gaming terminals, with keyboards, located within a LBCOto accommodate players who may not wish to play at a standard casinogame table, (i.e. a baccarat table). A gaming device may be implementedas a physical gaming machine owned by or under control of the player.For example, the gaming device may be an electronic communication deviceconfigured to communicate with the land-based/online operator 108 b orthe online operator 108 c. Examples of electronic communication devicesinclude an appliance, a video conferencing system, personal computingdevice, laptop computing device, hand held computing device, terminalcomputing device, mobile device (e.g., mobile phones or tablet computingdevices), wearable device configured with network access and programexecution capabilities (e.g., “smart eyewear” or “smart watches”),wireless device, electronic reader, media player, home entertainmentsystem, gaming console, set-top box, television configured with networkaccess and program execution capabilities (e.g., “smart TVs”), or someother electronic device or appliance. In some implementations, thenetwork 112 can be a cloud, a virtual network hosted over many differentredundant servers and databases not always located in the same facility,as opposed to a traditional network hosted with in a singular brick andmortar facility.

A gaming device may transmit messages to and receive messages from anoperator (e.g., 108 a, 108 b, 108 c) and/or gaming system 104. Themessages may be formatted according to a standardized protocol such asTCP/IP, HTTP, SSL, FTP, or the like. The transmission may be sent wired,wireless, or hybrid wired-wireless networks (e.g., the network 112). Thenetwork 112 may include an interconnection of one or more networks suchas the Internet, a local area network, a wide area network, apeer-to-peer network, a cellular network, a satellite network, a publicswitched telephone network, any combination thereof, or othercommunication system for exchanging data between electronic devices.

A gaming device, for example the gaming device 116 a can be coupled to abiometric detector 118. The biometric detector 118 can be configured tocapture biometric information for authenticating a remote player. Thebiometric detector 118 can be an imaging device such as a digital cameraor a webcam configured to capture image data for authenticating a remoteplayer. A remote player can be a player tracking card holder (PTCH), aplayer with an existing player tracking card (PTC); and his playertracking card number can be inputted into a gaming device. The gamingdevice 116 a can display the games available for play by the remoteplayer. The gaming device 116 a can download and execute a biometricfacial recognition software application (BFRSA) configured for biometricauthentication during log in or confirmation of the remote player'sidentity. The identity confirmation, associated with the player ratinghistory (PRH) of a remote player's PTC, may be performed to determinewhich games are available to the player. The identity confirmation maybe performed while playing a game such as to confirm the identity of aplayer during a real-time online poker tournament. The gaming device 116a may be in communication with a video teleconferencing (VTC) network sothat the remote player can participate in live online games, such aslive online casino games. An example VTC network that enables the remoteplayer to participate in live online games is described in U.S. patentapplication Ser. No. 14/495,731, the entirety of which is herebyincorporated by reference.

Other examples of biometric information that can be captured by thebiometric detector 118 include fingerprints, vein prints, palm prints,hand geometry, dour/scent, iris patterns, retina patterns, or voiceprints. In some implementations, the biometric detector 118 may beprovided by an operator. In such implementations, the biometric detector118 may include additional hardware security features to prevent remoteplayers from providing false identity information. Such securityfeatures may include an encryption key stored in a secure memorylocation and used for communicating data with the gaming system 104. Insome implementations, the features may include a token generationcircuitry for generating two-factor authentication information tocommunicate with the gaming system 104 such as features similar to theRSA SecurID (e.g., hardware tokens) commercially available from RSASecurity.

The land-based operator 108 a can be a land-based casino operator(LBCO). The land-based/online operator 108 b can be a LBCO/OCO, an LBCOwhich operates one or more online casino websites. The online operator108 c can be an online casino operator. An operator can utilize thegaming system 104 to host an online gaming website, for example anonline casino website. In some implementations, an operator can utilizethe gaming system 104 to control access to an online gaming website nothosted on the gaming system 104. A LBCO can convert its existing playertracking card system (PTCS) into the gaming system 104 (describedfurther with reference to FIG. 5).

A gaming device can be used by multiple remote players to play an onlinegame, and a remote player can use two or more gaming devices to play anonline game. For example, a first remote player can use the gamingdevice 116 a or the gaming device 116 b to play an online game hosted bythe online operator 108 c. The gaming device 116 c can be used by asecond remote player and a third remote player to play an online gamehosted by the land-based/online operator 108 b.

Computer System for Controlling Access to Online Games

FIG. 2 shows a functional block diagram of a computer system forcontrolling access to online games shown in FIG. 1. The gaming system104 can include a processor 204 coupled to a memory 206. The memory 206may include RAM, ROM, and/or other persistent, non-transitory computerreadable media. The gaming system 104 can include a biometric data store208, a player data store 210, or an online game store 212. The processor204 can be configured to execute instructions stored in the memory 206for implementing a game interface 216, a login interface 220, an accesscontroller 224, a biometric registration interface 228, or a new playerregistration interface 232 of the gaming system 104. In someimplementations, the one or more of the game interface 216, the logininterface 220, the access controller 224, the biometric registrationinterface 228, or the new player registration interface 232 may beimplemented as a hardware device (e.g., circuit) configured to performthe functions described. The gaming system 104 can include aninput/output interface 236. The processor 204 can communicate outputinformation to an optional display, for example a computer monitor, viathe input/output interface 236. The input/output interface 236 canaccept input from an optional input device, such as a keyboard, a mouse,a digital pen, a microphone, a storage device, a touch screen, agamepad, or other input device. One example of an input is a swipereceived via a touch screen. Another example of an input is anactivation via a mouse click.

One or more components of the gaming system 104, for example the accesscontroller 224, can be part of the gaming system's security system. Thegaming system 104 can communicate through the network 112 with theland-based operator 108 a, the land-based/online operator 108 b, and theonline operator 108 c. The gaming system 104 can communicate through thenetwork 112 with the gaming device 116 a, 116 b, or 116 c.

The biometric data store 208 can be a computer database configured tostore remote players' biometric information such as authenticatedbiometric information of remote players. Biometric information mayinclude, for example, images of the players' facial images as describedwith reference to FIG. 3. Where biometric information includesfingerprints, the biometric data store 208 can store one or more imagesof a remote player's fingerprints. The biometric data store 208 maystore the biometric information as an authoritative record fordetermining the identity of the player. This authoritative record may beused to conduct subsequent identity verifications for the player. Insome implementations, it may be desirable for the biometric data store208 to include additional security features to ensure the biometricinformation for a player is not altered. Such features may includeencryption of the biometric information stored in the biometric datastore 208, electronic signing and/or storage of signatures for thebiometric information stored in the biometric data store 208, and thelike. The one or more images or fingerprints of the remote player can beaccessed from the biometric data store 208 and compared with anauthentication image or an authentication fingerprint provided by remoteplayer for image-based authentication or when logging into an onlinegaming website operated by an operator.

In some implementations, the biometric data store 208 can be configuredto store the biometric information of players prohibited from accessingone or more games offered by the gaming system 104 or an online casinowebsite operated by an online casino operator (OCO). For example, thebiometric data store 208 may store facial images or photographs of gamecheats, purse snatchers, or “beards” (e.g., strawmen who make many smallwagers for individuals who want to make large wagers on a sportingevent; but he doesn't want to risk having an impact on the line. If hemakes a large wager himself a legal sportsbook might move the line, sohe may give several “beards” money to bet on the event; and if he winshis “beards” get a small percentage of his winnings.) Facial images orphotograph's of all game cheats, beards, fugitives, or problem gamblerscan be imported into the biometric data store 208 for comparison withfacial images captured by a webcam of the remote player's gaming device.Accordingly, the biometric data store 208 can be a biometric facialrecognition database (BFRD), and the gaming system 104 can be abiometric facial recognition system. When the gaming system 104 ispresented with an image of a player (e.g., during login or game play),the image may be compared to the prohibited players' biometricinformation. If the comparison indicates a match, the player may beprohibited from further play or be presented with a limited set of gamesfor play, for example free play games. In some implementations, thegaming system 104 may provide a message including the determination toan operator, for example the online operator 108 c. In suchimplementations, the operator's system may then adjust game play orinterfaces presented therefrom based on the determination.

The player data store 210 can be a database configured to store playerprofiles of remote players and player tracking card holders (PTCHs). Forexample, the gaming system 104 can retrieve player profiles stored in aplayer tracking card database (PTCD) of a player tracking card system(PTCS) for storage in the player data store 210. A player profile storedcan include, for example, a remote player's name, date of birth (DOB),social security number, passport and/or visa number, gender, address, orcountry of residence. Other non-limiting examples of the information inthe player profile include the remote player's “player rating history”such as suspicious activity by the remote player (e.g., game playbehaviors); the remote player's skill level, such as recreational orhighly skilled; the number, frequency, or length of remote player'splaying sessions; minimum, maximum or average bets; win and loss persession; credit line; or whether the remote player is a problem gambler.For example, the gaming system 104 can implement one or more cardcounting detection systems. Players who count cards typically exhibit aregular game play pattern (e.g., betting, in game decisions, etc.).These patterns may be used by a card counting detection system toidentify players employing such strategies. Using tracked game playbehavior, the gaming system 104 can determine the strategy and bettingproficiency of a remote player. A card counting detection system may beconfigured to compare the strategy and/or betting proficiency with oneor more card count systems to determine whether or not the remoteplayer's skill level is that of a recreational player, or a remoteplayer with a skill level high enough to overcome the host OCO's houseadvantage. A player's skill level in poker or blackjack may bedetermined to within about 97% accuracy based on analysis of theplayer's historical game play decisions. The game play decisions may beprovided via a gaming device. The player data store 210 can containmillions of player profiles of existing player tracking card holders(PTCHs). The player profiles stored in the player data store 210 can beshared with other online operators 108 c such as online casino operators(OCOs).

The online game store 212 can be a database configured to store gamesavailable for play such as including the sensory and game play data ofonline games, played by real people, that are captured during real-timefor live, real-time, delayed or on-demand broadcast to one or moreremote players. Games may be assigned to difference classes such as freeplay games, fee-based online casino games such as fee-based onlinecasino tournament games, online sportsbooks such as online sportsbooksthat accept cash wagers, and/or cash wagers from remote players wageringon e-games. Non-limiting examples of online games stored in the onlinegame store 212 include poker, slot games, blackjack, bingo, roulette, orbaccarat. The online games can include virtual or live games. A virtualonline game can be, for example, a poker game with one or more virtualplayers under the control of the gaming system 104. A live online gamecan be, for example, a casino poker game with two or more remote playersplaying the poker game in real time.

The game interface 216 can be a medium for communicating through thenetwork 112 configured to display, or cause display of, one or moregraphical indicia of online games on a remote player's gaming device,for example the gaming device 116 a. For example, a graphical indicia ofa game can be the name of the game such as baccarat. As another example,a graphical indicia of a game can be an image of a baccarat table. Asyet another example, a graphical indicia of a game can be a video of theplay of a baccarat game, captured during real-time by the gaming system104 cameras. The game interface 216 may provide the remote player'sgaming device with all of the online games stored in the online gamestore 212. In some implementations, the game interface 216 may providethe remote player's gaming device with only the online games availablefor play to the remote player. The availability may be based on theavailability and content of biometric information for the player. Theremote player may configure the graphical indicia of online gamesdisplayed on the remote player's gaming device, such as thelook-and-feel of the display or the number of graphical indiciadisplayed.

The login interface 220 can be a medium for communicating through thenetwork 112. The login interface 220 can be configured to request oraccept biometric login information from remote players to enable theremote players to play online games offered on an online gaming website,for example an online casino website. To play an online game, a remoteplayer may provide authentication information to the login interface220. The authentication information can include biometric informationsuch as an authentication image (e.g., a frontal image of the remoteplayer) or an image of the remote player's fingerprint. Theauthentication information can include the remote player's name, or theremote player's player tracking card number; and/or his/her PIN number.In some implementations, when converting a LBCO's or a OCO's PTCDwithout biometric data of the PTCH, the login interface 220 of thegaming system 104 may request and receive the PTCH's name, PTC number,and the PTCH PIN number to authenticate the identity of the remoteplayer whose player profile may be stored within the PTCD.

The access controller 224 can be configured to determine the classes ofgames a remote player can play. For example, the remote player may beauthorized to play only free play games because the player data store210 may not contain the remote player's banking information or theremote player's account balance may be insufficient for any of thefee-based games or cash play games. As another example, even though theremote player may have sufficient balance in his online account forplaying cash play games; and or the remote player may be authorized toplay only free play games and fee-based games because he has not grantedthe gaming system 104 permission to confirm his identity during a gameplay as described with reference to FIG. 4.

The biometric registration interface 228 can be a medium forcommunicating through the network 112 configured to receive biometricinformation from player devices for association or incorporation intoexisting player profiles. For example, a remote player can be a playertracking card holder. To associate an image of the remote player withhis player profile, the biometric registration interface 228 can requestand receive a frontal image of the remote player for storage in thebiometric data store 208 as described with reference to FIGS. 3 and 5.Accordingly, the biometric registration interface 228 can be used toconvert a player tracking card database (PTCD) without any photographsof the player tracking card holders (PTCHs) to a PTCD with photographsof PTCHs. The biometric registration interface 228 can implement,integrate, or utilize one or more biometric facial recognition softwareapplications (BFRSAs). The biometric registration interface 228 mayreceive biometric information in different formats from each remoteplayer. For example, the biometric registration interface 228 canreceive images of remote players in formats such as the JointPhotographic Experts Group (JPEG) format.

The new player registration interface 232 can be a medium forcommunicating through the network 112 configured to receive a remoteplayer's personal information and biometric information for issuing newplayer tracking cards with biometric information. The biometric datastore 208 can store a remote player's biometric information received bythe new player registration interface 232. The player data store 210 canstore the remote player's personal information such as the remoteplayer's name, date of birth (DOB), social security number, passportnumber, gender, address, or country of residence.

The processor 204 may include or be a component of a processing systemimplemented with one or more processors. The one or more processors maybe implemented with any combination of general-purpose microprocessors,microcontrollers, digital signal processors, or any other suitableentities that can perform calculations or other manipulations ofinformation. The processor 204 may be coupled to the memory 206, whichmay include both read-only memory and random access memory or mayprovide instructions and data to the processor 204. The processor 204may be configured to perform logical and arithmetic operations based onprogram instructions stored within the memory 206. The instructions inthe memory 206 may be executable to implement the methods describedherein.

The processor 202 may be further configured to communicate with astorage, such as the biometric data store 208, the player data store210, or the online game store 212. The storage may include variouscomputer components or recording media that retain information. Thestorage may include a database, cloud data storage service, clustershared volumes (CSV) arrangement, flat file, or other informationstorage file or systems. The storage may store information received fromthe remote players without modification, in a compressed or encodedform, or results of calculations based on the information. Theinformation may also be stored and separated based on how recent theinformation is.

Although a number of separate components are illustrated in FIGS. 1 and2, those of skill in the art will recognize that one or more of thecomponents may be combined or commonly implemented. For example, theprocessor 202 may be used to implement not only the functionalitydescribed above with respect to the processor 202, but also to implementthe functionality described above with respect to the storage or one ormore interfaces. Further, each of the components illustrated in FIG. 2may be implemented using a plurality of separate elements. Moreover,components or the entirely of the gaming system 104 may be programmedusing one or more programming languages such as C-Sharp, Java, Python,or C++, and in some implementations, via a framework such as Microsoft.NET, Tornado from The Tornado Authors, or The Spring Framework fromPivotal Software.

The gaming system 104 can advantageously offer operators such as LBCOs,OCOs, or LBCOs-OCOs, a number of advantages. For example, the gamingsystem 104, coupled to a computerized point of sale (POS) terminal withplayer tracking card (PTC) reader, and/or display device, may preventPTCs from being used for illicit, or unethical, purposes. Peopleattempting to use PTCs for illicit or unethical purposes may be known orunknown to the PTC holders (PTCH) or the operators issuing the PTCs, forexample land-based casino operators (LBCO). As another example, thegaming system 104, when coupled to a display device such as a computermonitor, can be used by service personnel or staff members of aLBCO/OCO, operating an online casino website, to visually verify orconfirm the identity of a PTCH who visits the LBCO/OCO's website. Suchverification or confirmation may occur in real-time and/or during areview of the play of the game by service personnel or gamingregulators.

In some implementations, the gaming system 104 may allow PTCHs to redeemhis reward points, for example earned reward points, with businesses orfacilities operated by, or affiliated with, the LBCO. For example, PTCHscan use his reward points to redeem selected merchandise, tickets tosporting events, or stage shows. As another example, PTCHs can use hisreward points to obtain discount rates for hotel reservations. As yetanother example, the gaming system 104 may allow PTCHs to obtainconfirmed reservations for any entertainment events when thereservations are in high demand, such as on a New Year's Eve or onduring a Super Bowl weekend. The gaming system 104 may prevent peopleother than PTCHs from redeeming the PTCHs' points or benefits, forexample, for free meals.

The systems and methods disclosed herein may be effective in verifyingthe real-time identity of a remote player during a play of an onlinegame. Prohibited or fraudulent activities by less than scrupulous remoteplayers wagering online may be advantageously prevented or identified.

A LBCO/OCO can use the systems and methods disclosed herein to convert atypical player tracking card system into a more secure gaming system 104in a simple and effective method. PTCHs may visit land-based casinos,located around the world, infrequently. With the gaming system 104,PTCHs can advantageously have realistic online casino experience playingfree play games, fee-based games, or cash play games.

A LBCO/OCO can use the gaming system 104, as a cost effective means, tomarket its land-based casinos (LBCs) or OCO websites, by offering itsfree play and fee-based online games on online casino and social mediawebsites, worldwide. The LBCO/OCO may acquire existing remote playerswho are existing PTCHs in a cost effective manner. If the LBCO/OCO islocated in a gaming jurisdiction or country where cash play onlinecasino games are illegal, the free play games or fee-based games can bequickly converted to legal cash play games when legal cash play gamesbecome legal in their respective gaming jurisdictions.

With the systems and methods disclosed herein, legally licensed LBCsoperating around the world which may object to legally licensed OCOsoffering cash play casino slot machines, casino table games, orsportsbooks may become strong supporters of legalized cash play onlinecasino games. The innovative security aspects of the gaming system 104can enable OCOs to verify the identities of PTCHs, thus gaining accessto the “player rating history” of a large number of PTCHs, which canenable OCO's to protect their assets from highly skilled online players.

With the gaming system 104, remote players can access a LBCO/OCO'sonline free play games, fee-based tournament games, cash play casinoslot machines, table games or sportsbooks. Thus, the LBCO/OCO will notobject to legalizing online casino games as the LBCO/OCO may havetens-of-thousands of their PTCHs, wagering on their online casinowebsites. These PTCHs may rarely, if ever again, physically visit theissuing LBCO after receiving their PTCHs. The gaming system 104 mayprevent a LBCO's PTCHs from accessing online casino websites, notassociated with the LBCO-OCO issuing a remote player his/her PTC.

In some implementations, a commercial retail website can utilize thegaming system 104 or one or more components of the gaming system 104such as the biometric data store 208 to verify the identities of remotecustomers. For example, prior to accepting a payment from a remotecustomer in the form of a credit card, debit card, or a virtual currencysuch as Bitcoins, the commercial retail website can utilize thebiometric data store 208 to verify the identity of the remote player.The commercial retail website can be a porn website, an online datingwebsite, or an alcoholic beverage website.

Controlling Access to Online Games

FIG. 3 is a flowchart of an exemplary method 300 for controlling accessto online games. The method 300 may be used by the online casinooperators, for example the land-based/online operator 108 b, to controlaccess to online games, for example online casino games. Although themethod 300 is described below with respect to the elements of the gamingsystem 104, those having ordinary skill in the art will appreciate thatother components may be used to implement one or more of the stepsdescribed herein. The method 300 shown in FIG. 3 may be implemented inwhole or in part by one or more of the devices described in thisapplication such as the gaming system 104 shown in FIG. 1.

After starting at start state 304, biometric information, for examplesuch as a frontal image of the remote player's face, is received atprocess 308. For purposes of describing the method 300 in FIG. 3, imagebiometric information is used as an example. Additional or otherbiometric information may be used such as fingerprints, vein prints,palm prints, hand geometry, dour/scent, iris patterns, retina patterns,or voice prints. The biometric information of the remote player may bereceived to update an existing player profile (described further withreference to FIG. 5) or to create a new player profile (describedfurther with reference to FIG. 6). The biometric information may beincluded in a message received by the biometric registration interface228. The receipt of the biometric information may be performed by, forexample, the biometric registration interface 228 using an electroniccommunication protocol such as Transmission Control Protocol/InternetProtocol (TCP/IP). Other electronic communication formats or protocolsmay be used for receiving the image. In some implementations, thetransfer may be secured or encrypted. The biometric registrationinterface 228 may communicate with a gaming device of the remote player,for example the gaming device 116 a, through the network 112 to requestthe biometric information. The remote player's gaming device may displaya “casino lobby” requesting the remote player to provide the biometricinformation.

The biometric information such as an image of the remote player may beidentified as an authoritative image of the remote player. The remoteplayer can gain access to an online game by providing an authenticationimage to the gaming system 104. The remote player may use a gamingdevice, for example the gaming device 116 a, to capture theauthentication image. The gaming device may include, or be connected to,an imaging device (e.g., a digital camera or a webcam) configured tocapture the authentication image. In determining whether to grant ordeny the remote player access to the online game, an authoritative imageof the remote player can be compared to an authentication image by pixelanalysis to determine whether the remote player is present in theauthentication image. A number of authoritative images of the remoteplayer can be received, for example 10. In such implementations, thecomparing may include comparing the authentication image with all 10images or a subset of the authoritative images. The determination of howmuch comparing to perform may be dynamic such as based on the class ofgame. For example, it may be desirable to ensure the authenticationimage matches all the images in the authoritative image set for a classof high stakes games while matching one may be sufficient for adifferent class of games.

The format of the authoritative image of the remote player can bedifferent in different implementations. For example, the authoritativeimage can be an image of the remote player with width and height of 128pixels by 128 pixels in the image space. As another example, theauthoritative image can be an image of the remote player in a featurespace, for example a 128-dimensional real number vector. As yet anotherexample, the authoritative image can be an image of the remote player inthe image space, and the method 300 can transform the authoritativeimage into a vector in a feature space for subsequent steps of themethod 300.

At process 312, the authoritative image of the remote player received atprocess 308 is associated with a player profile of the remote player.The authoritative image of the remote player can be stored in thebiometric data store 208 in a native format or an encrypted format toprotect the remote player's privacy. The player profile of the remoteplayer can be associated with a number of authoritative images of theremote player, for example 10. The player profile of the remote playercan be stored in the player data store 210. The player profile of theremote player can include name, birth date, social security number,passport number or driver's license number. The player profile of theremote player can include information on the remote player's playhistory such as games played, betting history win/loss percentage, skilllevel, complimentary value, or redeemable reward points earned.

At process 316, biometric information such as a second image of theremote player can be received. The second image of the remote player canbe an authentication image of the remote player received when the remoteplayer attempts to login and/or access an online game hosted by thegaming system 104. The receipt of the biometric information may beperformed by the login interface 220 of the gaming system 104. Thesecond image of the remote player can be captured, or caused to becaptured, by an imaging device (e.g., a digital camera or a webcam) onor coupled to the gaming device. The imaging device capturing theauthoritative image and the imaging device capturing the authenticationimage may be the same or may be different. Where the biometricinformation includes non-image information, additional or alternativebiometric detectors 118 may be included to capture and provide thebiometric information. In some implementations, prior to capturing orcausing to be captured of the authentication image, permission of theremote player to access the imaging device to capture the authenticationimage may be received.

The format of the authentication image may be different in differentimplementations. For example, the width and height of the authenticationimage can be the same as the width and height of the authoritativeimage. As another example, width and height of the authentication imagecan be different from the width and height of the authoritative image,and the authentication image or the authoritative image can beup-sampled or down-sampled for further analysis. As yet another example,the authentication image can be transformed into a feature space, forexample a 128-dimensional real number vector, for subsequent steps ofthe method 300.

In some implementations, the gaming device for example a desktopcomputer may only be accessible within an area, for example the remoteplayer's home, and may not be accessible at a public place. Thus, theauthentication image should include at least a portion of the area suchas the remote player's home. The authoritative image of the remoteplayer can also include at least a portion of the area.

At process 320, biometric information such as pixel information of theauthoritative image and the authentication image can by compared todetermine whether the remote player is present in the second image. Forexample, the facial information of the remote player can be extractedfrom the authoritative image and the authentication image. Afterextracting the facial information, the presence or absence of the remoteplayer in the authentication image can be determined. The comparison ofthe biometric information can be performed by the login interface 220.Example implementations of image processing that may be included tocompare the authoritative image with the authentication image aredescribed in Zhao et al. “Face Recognition: A Literature Survey,”Technical Report CAR-TR-948, Center for Automation Research, Universityof Maryland (2000), the entirety of which is hereby incorporated byreference.

In one innovative aspect, if the authentication image is determined tobe an image of the remote player by, for example, the login interface220, the authentication image may be associated with the player profileof the remote player and stored in the biometric data store 208 by, forexample, the biometric registration interface 228. During a subsequentlogin by the remote player or when the real-time identity of the remoteplayer is confirmed during a game play (as illustrated in FIG. 4), theauthentication image received at process 320 can be treated as anauthoritative image of the remote player.

At process 324, graphical indicia of online games such as online casinogames available for play by the remote player can be displayed, orcaused to be displayed, on a gaming device of the remote player. Thegraphical indicia of online games can be displayed, or caused to bedisplayed, in a virtual game lobby. The display or the cause of displayof graphical indicia of online games can be performed by the gameinterface 216. The online game store 212 can store a number of onlinegames. In some implementations, the online game store 212 can storethree or more classes of online games, for example free play games,fee-based games, or cash games.

The access controller 224 can identify a set of online games availablefor play by the remote player based on, for example, the player trackingcard number, the player profile of the remote player, or the capabilityof the gaming device of the remote player. Even though the gameinterface 216 may be capable of providing the gaming device of theremote player with all games stored in the online game store 212, theaccess controller 224 can determine that the remote player is onlyauthorized to play a subset of all available online games. For example,the access controller 224 can determine that the remote player isauthorized to play only free play games based on the player profile ofthe remote player. Consequently, the game interface 216 may provide onlythe online games that the remote player is authorized to play to thegaming device of the remote player. Thus, the gaming device of theremote player may display, or caused to display, graphical indicia ofonly a subset of all games stored in the online game store 212.

The set of online games available for play by the remote player can bebased on whether the remote player gives the gaming system 104permission to access a biometric detector of, or coupled with, thegaming device of the remote player. For example, the remote player maydecline to provide an authentication image. Or the remote player may notallow the gaming system 104 to automatically access an imaging devicefor capturing an authentication image. Or the remote player may declineto personally turn on an imaging device for capturing an authenticationimage. In such cases, where the player declines to provide or allowcapturing of authentication biometric information, the set of onlinegames available for play by the remote player can be limited (e.g., onlyfree play games).

As another example, the remote player may provide an authenticationimage. Or the remote player may allow the gaming system 104 toautomatically access an imaging device for capturing an authenticationimage. Or the remote player may agree to personally turn on an imagingdevice for capturing an authentication image. In such cases, where theplayer provides or allows capturing of authentication biometricinformation, the set of online games available for play by the remoteplayer can include more options than the limited set offered in the caseof a declining player. For example, the set of games may include one ormore of free play games, fee-based online casino tournament games,online casino sportsbooks accepting cash wagers on one or more sportingevents or low limit cash play games. As another example, the set ofgames may include competitive e-games played by professional e-gameplayers that may be seated at separate gaming devices located in closeproximity to each other, or in separate geo-physical locations. As yetanother example, the set of online games available for play by theremote player can include all the games available in the online gamestore 212. The method 300 ends at ending state 328.

Real-Time Identity Confirmation

FIG. 4 is a flowchart of an exemplary method 400 for confirming thereal-time identity of a remote player. The method 400 may be used by theonline casino operators, for example the land-based/online operator 108b, to confirm the real-time identity of a remote player during gameplay. Although the method 400 is described below with respect to theelements of the gaming system 104, those having ordinary skill in theart will appreciate that other components may be used to implement oneor more of the steps described herein.

After the identity of a remote player is determined to be present in anauthentication image as described with reference to FIG. 3, the method400 begins at beginning state 404, the entry point of the method 400. Atprocess 408, a message from a remote player is received by, for example,the access controller 224 of the gaming system 104. For example, theaccess controller 224 can receive the message formatted according to astandardized protocol such as TCP/IP, HTTP, SSL, or FTP from the gamingdevice 116 a. Receiving the message may include initiating acommunication session with an electronic device of the remote player,receiving one or more electronic transmissions including the message,and decoding the electronic transmissions to re-create the message in amachine readable format for further processing by the access controller224. Initiating the communication session may include identifying aservice level for the communication session and, in someimplementations, security features for the communication session (e.g.,secure sockets, authorization token, etc.). The message may be receivedin multiple electronic transmissions. In such implementations, receivingthe message may include decoding the individual parts and recombiningthe pieces to re-create the message, such as based on a sequenceidentifier included with each part. The message may grant permission bythe remote player access to a gaming device, or component includedtherein, of the remote player to confirm the identity of the remoteplayer. The identity of the remote player may be confirmed during a playof an online game, for example a cash play game.

Prior to receiving the message granting permission by the remote playeraccess to the remote player's gaming device to confirm the identity ofthe remote player at process 408, the gaming system 104 can inform theremote player that a biometric detector, such as an imaging device, ofthe remote player's gaming device may be activated to capture biometricinformation, such as one or more confirmation images, during the play ofan online game. A confirmation image can be an image used by the gamingsystem 104 to confirm the identity of the player during a play of anonline game. Accordingly, any remote player wagering online, who doesnot agree or who revokes his permission to the gaming system 104 toallow the gaming system 104 to activate the biometric detector tocollect biometric information for verification of the remote player'sidentity, may not have access to some or all of the online games hostedby the gaming system 104. The remote player may have to agree to the“Terms and Conditions” prior to his gaming device sending the messagegranting permission for confirming his identity.

At process 412 after a selection by the player, the method 400 canaccess the gaming device of the remote player to determine and toconfirm the identity of the remote player. A positive message selectionat decision state 412 will grant permission to the remote player, forplay of an online game and will allow the player gaming access. Forexample, if the gaming system 104 has received a message revokingpermission by the remote player or negative response at process 412, thegaming system 104 can store the message in the player data store 210 orthe memory 206 of the gaming system 104. The message revoking permissionreceived from the gaming device of the remote player can be formattedaccording to a standardized protocol such as TCP/IP, HTTP, SSL, or FTP.

The decision at process 412 can search the player data store 210 todetermine the presence of such a message. If the player data store 210or the memory 206 contains such a message, a message revoking permissionby the remote player, during the play of an online game, access to thegaming device to confirm the identity of the remote player has beenreceived. Such a message can revoke permission for all subsequent gameplays by the remote player during the particular visit of an onlinegaming website or all subsequent visits of the online gaming website. Ifa message revoking permission has not been received, the method 400,proceeds to process 416.

At process 416, the gaming device of the remote player is accessed tocapture biometric information of a player, for example a confirmationimage, during the play of an online game, such as a cash play game. Theconfirmation image of a player is an image of the player that can beused to confirm that the remote player, not another player, has beenplaying the online game. An imaging device (e.g., a digital camera or awebcam) of the remote player's gaming device can capture theconfirmation image. The confirmation image may be captured covertly(e.g., without notification of the remote player). Acquiring thebiometric information may include identifying a sensor for collectingthe desired biometric information, detecting the presence and/oravailability of the sensor, transmitting a control message to the sensorto initiate capture of the biometric information, and receiving, inresponse to the control message, the requested biometric information.

The gaming system 104 may access the gaming device of the remote playerto capture biometric information to confirm the identity of the remoteplayer based on a number of factors. For example, the access controller224 can identify a time t1 to confirm the identity of the remote player.The time identified can be relative to the time t2 the play of theonline game begins. The time identified t1 can be based at least in parton the online game being played. The difference between the timeidentified t1 and the time the play of the online game beings t2 issmaller if the online games involves higher stake. The access controller224 can initiate a timer for the play of the online game. When the timeidentified t1 to confirm the identity of the remote player is detectedusing the timer, the gaming system 104 can access the gaming device ofthe remote player to capture biometric information of the remote player.In some implementations, the gaming system 104 may access the gamingdevice of the remote player randomly during a game play. For example,the gaming system 104 may randomly access the imaging device coupled tothe remote player's gaming device. The gaming system 104 can use arandom number generator or a pseudorandom number generator to determinethe random timing for accessing the imaging device coupled to the remoteplayer's gaming device.

As another example, the access controller 224 can determine whether toconfirm the identity of the remote player based on the historical gameplay behavior of the remote player. The historical game play behaviorcan be stored in the player data store 210. The game play behavior caninclude pace of play, response time (e.g., for blackjack, the time aftera card is dealt and before a decision regarding whether to stand, hit,double, split, or surrender), click rate, typing rate, delays betweentwo game plays, or amount betted. After collecting the game playbehavior during the play of the online game and retrieving thehistorical game play behavior from the player data store 210, thecollected game play behavior can be compared to the historical game playbehavior of the remote player to determine the existence of adiscrepancy. For example, the remote player may be determined to have askill level of five for the particular online game, a particular type ofgames, or all games. If the skill level of the play of the online gameis determined to be 10, then a discrepancy has been identified. Afteridentifying a discrepancy, the gaming system 104 can access the gamingdevice of the remote player to capture biometric information of theremote player.

As yet another example, the access controller 224 can determine whetherto confirm the identity of the remote player based on prohibited gamebehavior. In addition to storing the games available for play, theonline game store 212 can store the prohibited game play behavior forone or more of the games, for example card counting. The accesscontroller 224 can retrieve prohibited game play behavior for the onlinegame from the online game store 212. After collecting the game playbehavior during the play of the online game, the collected game playbehavior can be compared to the retrieved prohibited game playerbehavior. Examples of prohibited game player behavior include cardcounting, coordinated betting between two or more players, or unexpectedor unreasonable win-to-loss ratio. If the collected game play behavioris determined to be consistent with the prohibited game player behavior,the gaming system 104 can access the gaming device of the remote playerto capture biometric information of the remote player. Consistency maybe measured by comparing the recorded game play behavior of a player toa system configured to detect the prohibited patterns of play such as acard count detection system.

At decision state 420, the existence of a discrepancy between theidentity of the player using the gaming device and the remote player isdetermined. For example, the presence of the remote player in theconfirmation image can be used to infer that the remote player has beenplaying the online game. The presence of the remote player in theconfirmation image can be determined by pixel analysis of theconfirmation image with the authentication image or the one or moreauthoritative images of the remote player as described above. Thecomparison process for decision state 420 may include requesting theauthentication image for the remote player using the provided identityinformation (e.g., username, player tracking card number, etc.). Thecomparison may then access the confirmation image from a temporarymemory location and initiate pixel and/or feature detection for theconfirmation image and the authentication image. In someimplementations, a discrepancy model may be included that receives aconfirmation image and authentication image as inputs and provides, asan output, a discrepancy result. The discrepancy model may be generatedthrough machine learning to identify optimal comparisons between theinput images. The machine learning may include neural network trainingbased on known desired discrepancy results for known input images. Insome implementations, the discrepancy may be identified based on gameplay behavior. In such implementations, the model may describe theuser's historical game play behavior and, based on game play behaviorcollected for the remote player, determine whether the collectedbehavior is consistent with the historical game play behavior. If nodiscrepancy between the identity of the player using the gaming deviceand the remote player is determined, the method 400 ends at ending state424. For example, if the identity of the player confirmed to be theremote player, then no discrepancy has been identified, and the remoteplayer can continue the play of the online game. A discrepancy may beidentified when a player other than the remote player, for example aminor, is present in the confirmation image. As another example, if theremote player, an amateur poker player playing an online poker game ortournament, is replaced by a skilled, professional poker player, adiscrepancy may be identified at decision state 420. When the remoteplayer signs up for the tournament, he may have agreed that he will bethe only person authorized to use his tournament account. The remoteplayer can be disqualified and/or his access to the online gameterminated. The gaming system 104 may refuse to pay the disqualifiedremote player any winning or reimburse the remote player for any lossessubject to an appeal by the remote player. The gaming system 104 mayinclude an interface to receive an appeal request and collect furtherinformation related to the incident. Such information may be stored foradjudication of the appeal and/or submission to the appropriategovernment gaming regulatory agency.

At decision state 420, if a discrepancy between the identity of theplayer using the gaming device and the remote player is determined, themethod 400 proceeds to process 428. For example, a discrepancy can occurwhen an image of a remote player captured during the real-time play of agame does not match an authoritative image of the authorized remoteplayer who initially logged into an online casino website. At process428, the online game being played is terminated or suspended. Thediscrepancy identified can be stored in the player data store 210. Forexample, the player data store 210 may store the time that thediscrepancy has occurred in the remote player's player profile. Based onthe frequency of discrepancy detection, the gaming system 104 maytemporarily or permanently ban the remote player from accessing thegaming system 104. The frequency may be specified via a configurationstored in a memory. The configuration may include a threshold frequencywhich triggers adjusting the access permissions for a player. Or thegaming system 104 may allow the remote player to play only certainclasses of games, for example free play games.

The biometric data store 208 can store the captured biometricinformation of the player as that of a suspicious person or a personprohibited from accessing the gaming system 104 or an online gamingwebsite hosted by the gaming system 104. For example, a confirmationimage can be an image of the player captured during a game play that thegaming system 104 can use to confirm the identity of the remote player.The biometric data store 208 can store the confirmation image as animage of a suspicious person or a person prohibited from playing anygame at the online gaming website hosted by the gaming system 104. Insome implementations, the remote player's access to the online gameshosted or provided by the gaming system 104 may be suspended until theremote player and the operator of the gaming system 104 resolve theidentity discrepancy through a dispute resolution process. The gamingsystem 104 may include an interface to receive information related tothe incident. Such information may be stored for adjudication of thedispute. The dispute resolution process may be a process authorized byregulators of online casino games. The gaming system 104 may report thebiometric information of the player to the police or a regulator of aLBCO or an OCO.

Other non-limiting examples of causes for terminating or suspending anonline game being played include a remote player is replaced by a playerunknown, or not approved by, the gaming system 104; the remote player isreplaced with a player who is a minor not approved to play the onlinegame being played such as a cash play game; or the remote player playinga fee-based online casino tournament game is replaced by a skilledprofessional card game player, such as a ringer, known to the gamingsystem 104.

After terminating the online game being player at process 428, graphicalindicia of a modified set of online games available for play may bedisplayed, or caused to be displayed, on the gaming device of the remoteplayer at process 432. The modified set of online games available forplay at process 432 can be different form the set of online gamesavailable for play at process 324 of FIG. 3. For example, the modifiedset of online games available for play at process 432 can include freeplay games, while the set of online games available for play at process324 can include free play games, fee-based online casino tournamentgames, online casino sportsbooks, or cash play games. To generate themodified set of online games available for play at process 432, certainclasses of games, such as cash play games, can be removed from the setof online games available for play at process 324. Generating themodified set of online games may include obtaining access definitionsfor each class of game provided by the gaming system 104. The accessdefinitions may include the permission level granted by the remoteplayer to participate in the class of games. For example, for a freeplay class of games, it may not be necessary to confirm the remoteplayer's identity while for an online tournament, it may be required toaccess one or more particular biometric detectors. The accessdefinitions may also include acceptable verification to participate inthe class of games. For example, the comparison performed between theconfirmation biometric information (e.g., collected or during game playor login) and the authoritative biometric information for the remoteplayer may provide a confidence value indicating how closely theconfirmation must resemble the authoritative information. In the case ofcasual games, it may be desirable for the confidence in the match to begreater than 50% while for more competitive or sensitive transactions,the confidence in the match may be raised to 80% or 90% or even 100%.Games within a class associated with access definitions satisfied by thecurrent remote player's permissions and/or biometrics are then selectedfor inclusion in the modified set of online games. Causing display ofthe graphical indicia may include receiving a message of the games towhich the remote player has access, selecting the graphical indicia froma memory (e.g., image repository, video repository, or textualdescriptor), and transmitting a message to the gaming device of theremote player for presentation. In some implementations, the message mayinclude instructions to initiate and/or configure an application on thegaming device of the remote player to present the graphical indicia.After displaying graphical indicia of the modified set of online gamesavailable for play at process 432, the method 400 ends at ending state424.

At decision state 412, if a message revoking permission has beenreceived, the method 400 proceeds to process 428 to terminate the onlinegame being played. At process 432, graphical indicia of a modified setof online games available for play are displayed, or caused to bedisplayed, on the gaming device of the remote player at process 432,before the method 400 ends at ending state 424.

Example Player Login

When a remote player attempts to log into a gaming website (e.g., anonline casino website) utilizing the gaming system 104, the gamingsystem 104 can request the remote player to provide an authenticationimage, for example a frontal facial image of the remote player. Thegaming system can activate, or cause the activation, of anauthentication controller on the remote player's gaming device. Theauthentication controller can be configured to authenticate orfacilitate authentication of the remote player.

The authentication controller can display an avatar such as a virtualassistant, and the avatar may request the remote player to provide anauthentication image. The virtual assistant can display a message suchas “Click to Take Photograph” on the remote player's gaming device. Themessage can cause the remote player to look into the imaging device sothat the imaging device can capture an authentication image, for examplea flash image, of a frontal view of the remote player.

In some implementations, the display of the avatar may be coordinatedwith the capture of biometric information. For example, when a remoteplayer accesses an online gaming system, the online gaming system mayinclude a landing interface to welcome the remote player to the system.Such a landing interface may include the avatar. The avatar mayvirtually interact with the remote player such as asking the remoteplayer to follow the avatar around their screen. While the remote playermay not physically move, the motion of the avatar may cause a physicalcharacteristic of the remote player to change. For example, the eyes ornose of the remote player may move to follow the avatar. In someimplementations, the avatar may move to a specifically colored orpatterned background. All or a portion of these background features maybe reflected by the remote player's eyes. Accordingly, collection of thebiometric information by the biometric detector, such as a camera, canbe coordinated with the interface. When the information is captured, thecaptured information may be analyzed using the interface state(s). Forexample, to prevent the use of a still image by the remote player, theeyes of the remote player should move between two images should move.The amount of movement may be detected by comparing two images taken,for example, while the avatar is presented at two different locations.The change in the location of the eyes (or other physicalcharacteristic) may be compared to the change in location of the avatarto confirm that the captured image is of the live remote player and nota still image held up to the camera. As another example, the color orbackground pattern may be detected in an image capture and compared tothe pattern or color of the interface. In some implementations, thesystem may detect any eye movement by asking (e.g., via the avatar) theremote player to blink. The request to blink may be coordinated withtriggering of the biometric detector to collect the biometricinformation such as an image.

The authentication controller can cause the activation of an imagingdevice (e.g., a digital camera or a webcam) coupled to the remoteplayer's gaming device. In some implementations, the collection may beperformed automatically without receiving direction from the player. Insome implementations, the player may be prompted to capture thebiometric information. In such implementations, when the remote playerclicks on a prompt (e.g., “Click to Take Photograph” message), theauthentication controller can cause the imaging device to capture anauthentication image.

The authentication controller can be configured to accept or reject theauthentication image taken. The authentication controller can beconfigured to reject an image captured by the imaging device if it doesnot meet certain image specification. For example, a captured image maybe rejected if the image is too dark because of insufficient lighting.If the captured image is rejected, the remote player may be requested toprovide another authentication image or, in the auto-collectimplementations, another image may be captured. A message such as “TakePhotograph Again” can be displayed. If the captured image is accepted bythe authentication controller as satisfying the image specification, theauthentication controller can provide the authentication image to theaccess controller 224 of the gaming system 104.

The access controller 224, after pixel analysis of the authenticationimage with one or more authoritative images of the remote player storedin the biometric data store 208, can confirm the identity of the remoteplayer. Pixel analysis can include searching the biometric data store208 for an image similar to the authentication image. The biometric datastore 208 can store the authentication image as an authoritative imagefor pixel analysis in a subsequent remote player log in. The accesscontroller 224 can determine the identity of the remote player based onthe remote player's email address or Internet Protocol (IP) address. Theaccess controller 224 can determine whether to grant the remote playeraccess based on whether other requirements such as legal requirementsincluding the remote player's age are satisfied.

If the access controller 224 is unable to confirm the remote player'sidentity by pixel analysis of the first authentication image provided bythe remote player, the avatar can prompt the remote player to face andlook directly into the imaging device and wait for the gaming device todisplay an acknowledgment message such as “Thank You! Photograph Taken.”The gaming device may display the acknowledgment message after capturinga second authentication image. If pixel analysis of the secondauthentication image cannot confirm the identity of the remote player,the gaming device can display or announce a denial message such as“Sorry, No Match—Access Denied.” The gaming system 104 may store theauthentication images provided by the remote player in the biometricdata store 208. The authentication images can be marked as images of asuspicious person. In such implementations, the system may evolve theset of images used for detecting suspicious players using the imagesprovided to the system.

After receiving the confirmation from the access controller 224, theauthentication controller can notify the remote player's gaming deviceof successful authentication. The remote player's gaming device canactivate a game software application, such as stored in memory on theremote player's gaming device, to allow the remote player to enter anonline gaming site, for example an online casino website. The gamesoftware application can display, for example, a virtual game lobbyshowing some or all of the games available for play by the remoteplayer. The availability, as discussed above, may be based on theconfirmation from the access controller 224.

Biometric Information Incorporation into Existing Player Profiles

It may be advantageous for a land-based operator 108 a or aland-based/online operator 108 b, for example an LBCO or a LBCO/OCO, toincorporate biometric information into its existing player tracking cardsystem (PTCS). The PTCS with biometric information incorporated can bethe gaming system 104. The player data store 210 of the gaming system104 can store the player profiles of players in the player tracking carddatabase (PTCD). An OCO or a LBCO/OCO can use the gaming system 104 toverify that a remote player can legally play at an online casino websiteoperated by the OCO or the LBCO/OCO. The gaming system 104 canadvantageously provide more security to protect the assets of the LBCOissuing the PTC or the assets of an OCO or a LBCO/OCO.

FIG. 5 is a flowchart of an exemplary method 500 for incorporatingbiometric facial information into player profiles of existing playertracking cards holders (PTCHs). The method 500 may be used by the onlinecasino operators, for example the land-based operator/online operator108 b, to incorporate biometric facial information into player profilesof existing player tracking card holders. Although the method 500 isdescribed below with respect to the elements of the gaming system 104,those having ordinary skill in the art will appreciate that othercomponents may be used to implement one or more of the steps describedherein.

After beginning at beginning state 504, an identity token is generatedfor a remote player who is also an existing player tracking card holderat process 508. The identity token can include the remote player'splayer tracking card (PTC) number. The identity token can include analphanumerical string or a quick response (QR) code that the remoteplayer can provide to the biometric registration interface 228, forexample, to initiate the process of incorporating biometric informationinto existing player profiles of player tracking card holders. Theidentity token can be used to confirm the identity of the remote player.The gaming system 104 can utilize the identity token to preventunscrupulous actors from pretending to be the remote player. Generatingthe identity token may include receiving the information to include inthe identity token such as the PTC number, name, address, etc.Generating the identity token may also include identifying a combinationroutine for the received information. The combination routine mayidentify how the information is combined. The combination routine mayidentify what the combination output will be (e.g., QR code, graphic,alphanumeric character string, barcode, etc.). With the identifiedcombination routine, the receive information may be processed togenerate the combination output. “QR Code Security” by Kieseberg et al.(incorporated by reference in its entirety) describes QR code generationand security features which may be included in whole or in part togenerate the identity token. The generated identity token may be stored(e.g., in memory) so as to be compared with a remote player attemptingto access the system using the identity token.

At process 512, the identity token is provided to the remote player. Forexample, an email containing the identity token may be sent to theremote player's email address stored in the remote player's playerprofile. As another example, a postal mail containing the identity tokenmay be sent to the remote player's mailing address stored in the remoteplayer's player profile. As yet another example, the remote player mayrequest the gaming system 104 to provide him with the identity token. Toprovide the identity token, the system may select a provisioning systemfor the remote player such as based on the player profile communicationpreferences (e.g., mail, email, text message, telephone, fax, etc.). Theprovisioning system may be an electronic mail server, an automatedcalling system, a physical mail fulfillment center, a text messagingsystem, a fax messaging system, or other communication system. Onceidentified, the token may be transmitted along with contact informationfor the intended recipient (e.g., remote player). In the case of anautomated calling system, the contact information may include the remoteplayer's name and telephone number. In the case of a physical mailfulfillment center, the contact information may include the remoteplayer's name and mailing address. Once received, the provisioningsystem may transmit a message including the identity token to the remoteplayer.

The identity token can be accompanied with a request for the remoteplayer to provide an authoritative image of the remote player. Afterreceiving the identity token or the request at a computing deviceassociated with the remote player, for example the remote player'sgaming device, the identity token or the request can activate a gamingapplication on the remote player's device. The gaming application candisplay, or cause the display of, an avatar on the device. The avatarcan be a virtual service assistant who can request the remote player toprovide image registration. In some implementations, image registrationincludes receiving an authoritative image from the remote player asdescribed with reference to FIG. 3.

At process 516, a message requesting registration including the identitytoken can be received at 516. For example, the remote player can use acomputing device associated with the remote player, for example theremote player's gaming device, to send the identity token to thebiometric registration interface 228. The remote player may have toprovide information in addition to the identity token to confirm hisidentity. Non-limiting examples of the additional information providedby the remote player to confirm his identity include name, address,e-mail address, date of birth, social security number, credit cardnumber, his player tracking card number, and PTC PIN number.

At process 520, the validity of the identity token is verified. Thegaming system 104 can keep track of all the identity tokens it hasgenerated to determine if the identity token provided by the remoteplayer is a valid identity token. The identity token can containsecurity features such as a hash value such that the biometricregistration interface 228 can determine the validity of the identitytoken based on the hash value. The secure hash algorithm (SHA)-2,including any of the SHA-2 hash functions with record digests of 224,245, 384, or 512 bits can be used (e.g., SHA-256), can be used togenerate the hash value.

At process 524, the identity of the remote player is determined usingthe identity token. The gaming system 104 can associate the identitytoken sent to the remote player with the remote player's player profilesuch that the identity of the remote player can be determined withoutthe remote player providing any additional biometric information. Thedetermination may include retrieving the identity token generated atprocess 508 and comparing the retrieved token with the token included inthe message. The comparison may include matching some or all of thetoken information. In some implementations, the retrieval of theidentity token may be based on information included in the message. Forexample, the message may include a user name which may be associatedwith a generated token. In some implementations, the identity tokenincluded in the message may include identifying information for theremote player. This identifying information may be used to acquire thegenerated token for comparison with the token received. After theidentity of the remote player is confirmed, the biometric registrationinterface 228 can capture and associate an authoritative image of theremote player with the remote player's player profile as described withreference to FIG. 3. To facilitate the process of obtaining the remoteplayer's biometric information, the gaming system 104 can cause thedisplay of an avatar on the remote player's gaming device. The avatarcan request the remote player provide an authoritative image. Anauthoritative image can be an image of the remote player that can beused in pixel analysis to determine whether the remote player is presentin another image, for example an authentication image provided by theremote player for image authentication to log in an online gamingwebsite. Causing display of the avatar may include generating a messageto initiate and/or configure an application on the gaming device of theremote player to present the avatar. Some systems may include multipleavatars such as a maître d', cocktail waiter, bartender, hotel employee,and the like. The message may indicate which avatar to present such asbased on the player profile (e.g., demographics, preferences, etc.).Causing display may include initiating a communication session with thegaming device of the remote player and transmitting the message to thegaming device. The gaming device may, in some implementations, initiatean application or hardware, to present the avatar. The presentation mayinclude playback of audio, video, images, or text to via the gamingdevice or an output device coupled therewith (e.g., display, monitor,console, and the like). The message may include a code or otheridentifier for the type of biometric information to collect. The codemay be used to identify the specific request to present to the remoteplayer (e.g., “Let's take your picture!” or “We need to verify yourfingerprint.”). Once identified, the message may be presented tosimulate an attendant at the gaming venue. Depending on the avatarselected, the message may be presented using different voices (e.g.,male or female voice) and/or accents (e.g., if accessing a gaming venuein Australia, the voice may be presented using an Australian accent).The request may include a message to activate the appropriate biometricdetector associated with the gaming device of the remote player.

Example Biometric Information Incorporation

The marketing department of a land-based operator 108 a or aland-based/online operator 108 b can send an invitation containing anidentity token to a player tracking card holder (PTCH) with a playerprofile without biometric information such as a facial image of thePTCH. The invitation can be in the form of an email or a postal mail.The identity token may be, or include, an invitation number unique forthe remote player. The identity token can invite the PTCH to log into anonline gaming website, for example a secure online casino websiteoffering free play games. The land-based operator 108 a or theland-based/online operator 108 b may own, operate, or be associated withthe online gaming website. When the PTCH log into the online gamingwebsite, the PTCH may be given a number of reward points.

The email or the postal mail may instruct the PTCH, when logging intothe online gaming website using a web browser, to enter or provideauthentication information such as his name, player tracking cardnumber, PTC pin number, or the identity token into the appropriatefields on a registration webpage. After the PTCH completes all therequired fields on the registration webpage, he can click an “Enter”button. The PTCH can use a computer device, for example the gamingdevice 116 a to access the online gaming website. The PTCH's computingdevice, for example the gaming device 116 b, may be coupled to animaging device (e.g., a digital camera, a webcam, or a closed circuittelevision (CCTV) camera).

After confirming the identity token and the provided authenticationinformation, the PTCH may be prompted to download a game softwareapplication compatible with his computing device, for example abiometric facial recognition software application (BFRSA). The gamingsystem 104 can cause display of a “Download” button on the PTCH'scomputing device.

Prior to showing the “Download” button, the PTCH may be informed by atext, graphic, audio, or video message that states that once the gamesoftware application is downloaded and installed, the imaging device ofthe PTCH's computing device may be automatically activated or turned onto capture an image, for example a real-time image, of the PTCH. Thegaming system 104 can cause display of Terms and Conditions on thePTCH's computing device. The Terms and Conditions may inform the PTCHthat the purpose capturing a real-time image of the PTCH is to associatethe captured image with his existing player profile. The PTCH may haveto agree to the Terms and Conditions in order to initiate download ofthe game software application. In some implementations, a commercialwebsite can utilize one or more components of the gaming system 104, forexample the biometric data store 208 and the access controller 224, toprevent authorized access of the commercial website.

Once installation of the game software application is complete, the gamesoftware application may display a link to an online gaming websitewhich may offer free play games. When the PTCH access the online gamingwebsite, the PTCH's computing device may display a virtual casino lobbyto the PTCH acting as a remote player. The game software application canactivate or turn on the imaging device coupled to the PTCH's computingdevice to capture a real-time image of the remote player. In someimplementations, the online gaming website can host a number of casinocard games that can be played by real-people seated at a real casinocard game table located in a legally licensed land based casino (LBC)owned or operated by the land-based operator 108 a or theland-based/online operator 108 b.

Issuing New Player Tracking Cards with Biometric Information

The systems and methods disclosed herein can create new player profilesfor players, for example new player tracking card holders or remoteplayers, with images such as frontal facial images of the new players.To manage its players, a land-based casino operator (LBCO), for examplea legally license LBCO, can operate a player rewards center (PRC) at aland-based casino (LBC) operated by the LBCO. The player rewards centercan be located within close proximity to slot machines or casino tablegames of the LBC. A service assistant working at the player rewardscenter can operate the gaming system 104 to issue player tracking cardswith biometric information to new players.

The LBCO can issue player tracking cards to qualified players. Aqualified player may be a player who can legally play the games at theLBCO (e.g., the player may have to be 21 years of age or older). Aqualified player can wager on one or more types of slot machines, casinotable games, or sportsbooks located on the LBC's premise. To show thathe can legally play the games at the LBCO, the qualified player maysubmit a government issued photograph identification (ID), ordocumentation (e.g., a state issued driver's license), to the serviceassistant. The photograph identification can include information such asthe player's name, date of birth (DOB), social security number, passportnumber, gender, address, or country of residence.

After verifying the validity of the photograph identification and thatthe player can legally play at the LBC, a player profile can be createdfor the player. The player data store 210 can store the player profile.The player profile can contain the player's information, and theplayer's information can be inputted into the gaming system 104. Forexample, the service assistant can manually input the player'sinformation into the gaming system 104 via a new player registrationinterface 232. As another example, the gaming system 104 can be coupledwith an electronic scanner configured for scanning the player'sphotograph identification. From the scanned photograph identification ofthe player, the gaming system 104 can extract the player's informationusing an optical character recognition (OCR) method.

After the player's information is inputted into the gaming system 104, aplayer tracking card reader (PTCR), for example a magnetic strip reader,connected with the gaming system 104 can create a player tracking cardfor the player. The player may have to provide a pin number for thenewly issued PTC. For example, the player can input a pin number usingan electronic keypad coupled to the gaming system 104. The pin numbercan be stored at the player data store 210.

The gaming system 104 may be coupled to an imaging device (e.g., adigital camera, configured to capture an image of the player (e.g. afrontal facial image of the player). The service assistant can use theimaging device to capture an image of the player. The gaming system 104can reject an image captured by the imaging device if it does not meetcertain image specification. For example, a captured image may berejected if the image is too dark because of insufficient lighting. Ifthe captured image is rejected, the gaming system 104 may request theplayer to provide another image. An accepted image can be stored in thebiometric data store 208 of the gaming system 104 as an authoritativeimage that can be used when the player log into an online gaming websiteoperated by the gaming system 104.

Gaming Device for Controlling Access to Online Games

FIG. 6 is a functional block diagram of a gaming device 116 forcontrolling access of the player to online games. The gaming device 116can include a processor 604 coupled to a memory 606 and an imagingdevice 614 (e.g., a digital camera or a webcam). The memory 606 mayinclude RAM, ROM, and/or other persistent, non-transitory computerreadable media. The processor 604 can be configured to executeinstructions stored in the memory 606 for implementing a device gameinterface 616, a device login interface 620, an authenticationcontroller 624, or a device biometric registration interface 628. Theseinterfaces can be part of a game software application being executed onthe gaming device 116. In some implementations, the one or more of thedevice game interface 616, the device login interface 620, theauthentication controller 624, or the device biometric registrationinterface 628 may be implemented as a hardware device (e.g., circuit)configured to perform the functions described. The gaming device 116 caninclude an input/output interface 636. The processor 604 can communicateoutput information to an optional display, for example a computermonitor, via the input/output interface 636. The input/output interface636 can accept input from an optional input device, such as a keyboard,a mouse, a digital pen, a microphone, a storage device, a touch screen,a gamepad, or other input device. One example of an input is a swipereceived via a touch screen. Another example of an input is anactivation via a mouse click.

One or more components of the gaming device 116, for example theauthentication controller 624, can be part of the exemplary system 100system for controlling access to online games. The gaming device 116 cancommunicate through the network 112 with online gaming websites hostedby the land-based operator 108 a, the land-based/online operator 108 b,or the online operator 108 c. The gaming device 116 can communicatethrough the network 112 with the gaming system 104.

The device game interface 616 can be a medium for communicating throughthe network 112 with the game interface 216 of the gaming system 104.The device game interface 616 can be configured to receive one or moreonline games or graphical indicia of online games from the gameinterface 216. The device game interface 616 may display, or causedisplay of, the received online games or graphical indicia of onlinegames on the gaming device 116. A remote player may configure thegraphical indicia of online games displayed on the gaming device 116,such as the look-and-feel of the display or the number of graphicalindicia displayed. For example, the gaming device 116, via a computermonitor connected to the input/output interface 636, can display a menufor selecting the maximum number of graphical indicia of online gamesthat can be displayed on the gaming device 116 at once. As anotherexample, the input/output interface 636 of the gaming device 116 candisplay, or cause display of, a menu on a computer monitor for selectingthe size and the color of the graphical indicia. The gaming device 116,via the input/output interface 636 such as a touch screen, can receive aselection from a remote player.

The device login interface 620 can be a medium for communicating throughthe network 112 with the login interface 220 of the gaming system 104.The device login interface 620 can be a user interface configured torequest or accept biometric login information from the remote player toenable the remote player to play an online game offered on an onlinegaming website, for example an online casino website. The logininterface 620 may activate the imaging device 614 to capture an image ofthe remote player such as an authentication image or a confirmationimage. To play the online game, the remote player may provideauthentication information to the device login interface 620. Theauthentication information can include an authentication image, such asa frontal image of the remote player. The authentication information caninclude the name of the remote player, the remote player's playertracking card number, and/or the PTCH's PIN number. The device logininterface 620 can provide the authentication information to the logininterface 220 of the gaming system 104.

The authentication controller 624 can be configured to authenticate orfacilitate authentication of the remote player. For example, theauthentication controller 624 can display an avatar such as a virtualassistant, and the avatar may request the remote player to provide anauthentication image. The authentication controller 624 can activate theimaging device 614 to capture an image of the remote player. Theauthentication controller 624 can accept or reject the authenticationimage taken. The authentication controller 624 can reject the imagecaptured by the imaging device 614 if it does not meet certain imagespecifications. For example, a captured image may be rejected if theimage is too dark because of insufficient lighting; or if the image isoffensive or inappropriate. If the captured image is rejected, theauthentication controller 624 may request the remote player to provideanother authentication image.

The device biometric registration interface 628 can be a medium forcommunicating through the network 112 with the biometric registrationinterface 228 of the gaming system 104. The device biometricregistration interface 628 can be a user interface configured to providethe biometric registration interface 228 with biometric information ofthe remote player for association or incorporation into the remoteplayer's existing player profile. For example, a remote player can be aplayer tracking card holder (PTCH). To associate an image of the remoteplayer with his player profile, the device biometric registrationinterface 628 can request the remote player to provide a frontal imagefor storage in the biometric data store 208 as described with referenceto FIGS. 3 and 5. Accordingly, the device biometric registrationinterface 628 can be used to convert a player tracking card database(PTCD) without any photographs of the player tracking card holders to aPTCD with biometric information of player tracking card holders. Thedevice biometric registration interface 628 can implement, integrate, orutilize one or more biometric facial recognition software applications(BFRSAs). The device biometric registration interface 628 may providebiometric information in different formats to the biometric registrationinterface 628.

In some implementations, the gaming device 116 can be coupled to amicrophone. The imaging device 614 and the microphone can record areal-time play of an online game. The gaming system 104 can broadcastthe play of the online game in real-time. The play of the online gamecan be broadcasted at a later time or can be played on demand. Agovernment gaming regulator may have the authority to impose milliondollar fines, or close the land-based casino, if the land-based casinois found to be guilty of manipulating the outcome of any of its casinogames. Advantageously, a remote player can have great confidence in theintegrity and security of the real-time games broadcasted or shown tothe remote player. More people may wager on online casino websitesutilizing the gaming system 104. More state, regional, national, orinternational legislatures may be more susceptible to legalizing onlinecasino cash play games.

The processor 604 may include or be a component of a processing systemimplemented with one or more processors. The one or more processors maybe implemented with any combination of general-purpose microprocessors,microcontrollers, digital signal processors, or any other suitableentities that can perform calculations or other manipulations ofinformation. The processor 604 may be coupled to the memory 606, whichmay include both read-only memory and random access memory or mayprovide instructions and data to the processor 604. The processor 604typically performs logical and arithmetic operations based on programinstructions stored within the memory 606. The instructions in thememory 606 may be executable to implement the methods described herein.

The processor 602 may be further configured to communicate with astorage, for example a computer hard drive (HDD) or a solid state drive(SSD). The storage may include various computer components or recordingmedia that retain information. The storage may include a database, clouddata storage service, cluster shared volumes (CSV) arrangement, flatfile, or other information storage file or systems. The storage maystore information received from the remote players without modification,in a compressed or encoded form, or results of calculations based on theinformation. The information may also be stored and separated based onhow recent the information is.

Although a number of separate components are illustrated in FIG. 3,those of skill in the art will recognize that one or more of thecomponents may be combined or commonly implemented. For example, theprocessor 602 may be used to implement not only the functionalitydescribed above with respect to the processor 602, but also to implementthe functionality described above with respect to the storage or one ormore interfaces. Further, each of the components illustrated in FIG. 6may be implemented using a plurality of separate elements. Moreover,components or the entirely of the gaming device 116 may be programmedusing various programming languages such as C-Sharp, Java, Python, orC++, and in some implementations, via a framework such as Microsoft.NET, Tornado from The Tornado Authors, or The Spring Framework fromPivotal Software

Example Access Control to Online Games

FIGS. 7A-B is a schematic diagram of messages that may be sent betweencomponents of the exemplary system 100 for controlling access to onlinegames shown in FIG. 1. The messages shown in FIGS. 7A-B include messagesexchanged between exemplary entities selected to highlight certainfeatures related to controlling access to online games. The messagesshown in FIGS. 7A-B illustrate how a gaming system 104 and a gamingdevice 116 may control access to online games. It will be understoodthat fewer or additional entities may be included to achieve a similarresult.

Referring to FIG. 7A, via a message 702, an operator 108, for examplethe online operator 108 c, can create new player profiles. For example,a land-based casino operated by a land-based casino operator can have aplayer rewards center. A service assistant working at the player rewardscenter can create a new player profile for a player and issue a playertracking card. The service assistant can input the new player profileinto the gaming system 104 via a message 704. The player profile can bestored in the player data store 210 of the gaming system 104.

The operator 108 can send an invitation containing an identity token tothe player via a message 706. As disclosed with reference to FIG. 5, theinvitation can be sent via email. The identity token may include aninvitation number unique for the remote player. The identity token caninvite the player to log into an online gaming website, for example asecure online casino website offering free play games.

Referring to FIG. 7A, when the player logs into the online gamingwebsite, a message 708 instructing a biometric detector 118 to capturebiometric information of the player may be transmitted from the devicebiometric registration interface 628 of the gaming device 116 to thebiometric detector 118. The biometric information captured by thebiometric detector 118 can include fingerprints, vein prints, palmprints, hand geometry, dour/scent, iris patterns, retina patterns, orvoice prints. The biometric detector 118 can be connected to the gamingdevice 116 directly or through a network such as the network 112. Thebiometric detector 118 can send a message 710 containing the capturedbiometric information to the gaming device 116.

The gaming device 116 can send a message 712 containing the capturedbiometric information to the gaming system 104. The message 712 caninclude the identity token of the invitation. Accordingly, the gamingsystem 104 can acquire the biometric information of the player. With themessage 712 containing both the captured biometric information and theidentity token, the gaming system 104 can confirm the biometricinformation captured is that of the player. Via a message 714, thegaming system 104 can store the received biometric information as partof the player's player profile. The biometric information can be storedin the biometric data store 208 of the gaming system 104. For example,the biometric information stored in the biometric data store 208 can bean authoritative image of the player and can be used for authenticatingthe player when the player logs into an online gaming website, forexample an online casino, operated by the operator 108. Theauthoritative image can also be used by the gaming system 104 to confirmthe identity of the player during a game play by pixel analysis.

Referring to FIG. 7B, a message 716 requesting access to an online gamecan be sent by the gaming device 116 to the gaming system 104. Forexample, when the player visits an online casino website, the devicelogin interface 620 of the gaming device 116 can send the message 716 tothe gaming system 104 requesting access to an online game hosted by theonline casino website. As disclosed with reference to FIG. 3, via amessage 718, the gaming system 104 can request the player to providebiometric authentication. When the message 716 is received by the gamingdevice 116, the message 716 can cause the gaming device 116 to activatean application on the device (e.g., a browser, a mobile application,etc.) or a component connected thereto. For example, receipt of the usercommunication may automatically activate an application on the device,such as a biometric information collection application, a standaloneapplication, or a browser, and present an interface to collect therequired authentication information. If the device is offline when themessage 716 is transmitted, the application may be automaticallyactivated when the device is online.

To capture the player's biometric information, a message 720 instructingthe biometric detector 118 to capture biometric information of theplayer may be transmitted from the authentication controller 624 of thegaming device 116 to the biometric detector 118. The detector 118 cansend a message 722 containing the captured biometric information to thegaming device 116.

The gaming device 116 can send the captured biometric information to thegaming system 104 via a message 724. As disclosed with reference to FIG.3, biometric information such as an image of the remote player can besent to the gaming system 104 by the gaming device 116. The image of theremote player can be an authentication image of the remote player usedto authenticating the player's identity.

Referring to FIG. 7B, via a message 726, the access controller 224 ofthe gaming system 104 can determine the access level the player shouldbe given. The gaming system 104 can compare the captured biometricinformation with the authenticated biometric information of the remoteplayer. The gaming system 104 can use such a comparison to determine ifthe captured biometric information matches the authenticated biometricinformation of the remote player. For example, as disclosed withreference to FIG. 3, the gaming system 104 can perform pixel analysis ofthe authoritative image of the player and the authentication image ofthe player to determine that the player is present in both images. Insome implementations, the access controller 224 can perform pixelanalysis of the authentication image of the player with images ofsuspicious players to determine whether the player is a suspiciousplayer. A suspicious player may be denied access to the online games ofthe online casino website operated by the operator 108. The access levelof the player can be, for example, all cash play games and all fee-basedgames, and not cash play games. The gaming system 104 can send theaccess level determined to the gaming device 116 via a message 728. Insome implementations, the gaming system 104 can send the result ofcomparing the captured biometric information with authenticatedbiometric information of the remote player to the gaming device 116 viathe message 728.

The device game interface 616 of the gaming device 116 can displaygraphical indicia of online games available for play by the player basedon the access level received from the gaming system 104. For example,graphical indicia of free play games and fee-based games can bedisplayed on the gaming device 116. After the player selects an onlinegame to play from the graphical indicia of online games available forplay, the gaming device 116 can initiate a game play via a message 730.

As disclosed with reference to FIG. 4, during the game play, the gamingdevice 116 can receive or collect game behavior data via a message 732.Based on the game play data, the authentication controller 624 candetermine whether to confirm the identity of the player. Theauthentication controller 624 can determine whether to confirm theidentity of the player based on the historical game play behavior of theplayer. The game play behavior can include pace of play, response time(e.g., for blackjack, the time after a card is dealt and before adecision regarding whether to stand, hit, double, split, or surrender),click rate, typing rate, delays between two game plays, or amountwagered, wagering decisions, and/or betting strategy skills percentagesachieved. After collecting the game play behavior during the play of theonline game, the collected game play behavior can be compared to thehistorical game play behavior of the remote player to determine theexistence of a discrepancy. For example, the remote player may bedetermined to have a skill level of five for the particular online game,a particular type of games, or all games. If the skill level of the playof the online game is determined to be 10, then a discrepancy has beenidentified.

Referring to FIG. 7B, if a discrepancy is identified, the gaming device116 can activate the biometric detector 118 to capture biometricinformation of the player via a message 734. Via a message 736, thegaming device 116 can receive the captured biometric information of theplayer. The gaming device 116 can request the gaming system 104 toconfirm the identity of the player based on the captured biometricinformation via a message 738. The access controller 224 of the gamingsystem 104 can compare the player's biometric information stored in thebiometric data store 208 and the captured biometric information by, forexample pixel analysis. If the identity of the player cannot beconfirmed, the gaming system 104 can store the biometric information asthat of a suspicious player.

The gaming system 104 can send the gaming device 116 a message 740indicating whether the identity of the player has been confirmed. Forexample, if the player playing the online game is the player who haslogged into the online casino website, then the identity of the playeris confirmed. If the identity of the player cannot be confirmed, thegaming device 116 can terminate the game play via a message 742. In someimplementations, after terminating the game play, the device gameinterface 616 of the gaming device 116 can display graphical indicia ofonly free play games to the player.

Depending on the embodiment, certain acts, events, or functions of anyof the processes or algorithms described herein can be performed in adifferent sequence, can be added, merged, or left out altogether (e.g.,not all described operations or events are necessary for the practice ofthe algorithm). Moreover, in certain embodiments, operations, or eventscan be performed concurrently, e.g., through multi-threaded processing,interrupt processing, or multiple processors or processor cores or onother parallel architectures, rather than sequentially.

The various illustrative logical blocks, modules, routines, andalgorithm steps described in connection with the embodiments disclosedherein can be implemented as electronic hardware, or as a combination ofelectronic hardware and executable software. To clearly illustrate thisinterchangeability, various illustrative components, blocks, modules,and steps have been described above generally in terms of theirfunctionality. Whether such functionality is implemented as hardware, oras software that runs on hardware, depends upon the particularapplication and design constraints imposed on the overall system. Thedescribed functionality can be implemented in varying ways for eachparticular application, but such implementation decisions should not beinterpreted as causing a departure from the scope of the disclosure.

Moreover, the various illustrative logical blocks and modules describedin connection with the embodiments disclosed herein can be implementedor performed by a gameplay verification system or other hardwareincluded in a gameplay verification system. The gameplay verificationsystem or other hardware included in a gameplay verification system mayinclude a digital signal processor (DSP), an application specificintegrated circuit (ASIC), a field programmable gate array (FPGA), amicroprocessor, a controller, microcontroller, or other programmablelogic element, discrete gate or transistor logic, discrete hardwarecomponents, or any combination thereof. For such gameplay verificationsystems, devices used to implement the system are specially designed toperform the gameplay verification described herein. A gameplayverification system may include electrical circuitry configured toprocess specific computer-executable software programs or computerinstructions to perform one or more of the features described herein. Inembodiments where the gameplay verification system includes a FPGA orsimilar programmable elements, the gameplay verification system mayprovide one or more of the features described processing withoutprocessing computer-executable instructions but instead by configuringthe FPGA or similar programmable element to perform the recitedfeatures. Although described herein primarily with respect to digitaltechnology, a gameplay verification system may also include primarilyanalog components. For example, some or all of the gameplay verificationprocessing features described herein may be implemented in analogcircuitry or mixed analog and digital circuitry.

The elements of a method, process, routine, or algorithm described inconnection with the embodiments disclosed herein can be embodieddirectly in gameplay verification system hardware, in a software moduleexecuted by a device included in the gameplay verification system, or ina combination of the two. A gameplay verification software module canreside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROMmemory, registers, hard disk, a removable disk, a CD-ROM, or similarform of a non-transitory computer-readable storage medium. An exemplarystorage medium can be coupled to the gameplay verification system suchthat the gameplay verification system can read information from, andwrite information to, the storage medium. In the alternative, thestorage medium can be integral to the gameplay verification system. Thegameplay verification system and the storage medium can reside in anASIC. The ASIC can reside in a device configured to capture or processdata such as a microphone, a smartphone, a set-top-box, a tabletcomputer, a desktop computer, or the like. In the alternative, thegameplay verification system and the storage medium can reside asdiscrete components (e.g., sub-system) in a device configured to verifygameplay as described herein.

Conditional language used herein, such as, among others, “can,” “could,”“might,” “may,” “e.g.,” and the like, unless specifically statedotherwise, or otherwise understood within the context as used, isgenerally intended to convey that certain embodiments include, whileother embodiments do not include, certain features, elements, and/orsteps. Thus, such conditional language is not generally intended toimply that features, elements, and/or steps are in any way required forone or more embodiments or that one or more embodiments necessarilyinclude logic for deciding, with or without other input or prompting,whether these features, elements, and/or steps are included or are to beperformed in any particular embodiment. The terms “comprising,”“including,” “having,” and the like are synonymous and are usedinclusively, in an open-ended fashion, and do not exclude additionalelements, features, acts, operations, and so forth. Also, the term “or”is used in its inclusive sense (and not in its exclusive sense) so thatwhen used, for example, to connect a list of elements, the term “or”means one, some, or all of the elements in the list.

Disjunctive language such as the phrase “at least one of X, Y, Z,”unless specifically stated otherwise, is otherwise understood with thecontext as used in general to present that an item, term, etc., may beeither X, Y, or Z, or any combination thereof (e.g., X, Y, and/or Z).Thus, such disjunctive language is not generally intended to, and shouldnot, imply that certain embodiments require at least one of X, at leastone of Y, or at least one of Z to each be present.

Unless otherwise explicitly stated, articles such as “a” or “an” shouldgenerally be interpreted to include one or more described items.Accordingly, phrases such as “a device configured to” are intended toinclude one or more recited devices. Such one or more recited devicescan also be collectively configured to carry out the stated recitations.For example, “a processor configured to carry out recitations A, B andC” can include a first processor configured to carry out recitation Aworking in conjunction with a second processor configured to carry outrecitations B and C.

As used herein, the terms “determine” or “determining” encompass a widevariety of actions. For example, “determining” may include calculating,computing, processing, deriving, generating, obtaining, looking up(e.g., looking up in a table, a database or another data structure),ascertaining and the like via a hardware element without userintervention. Also, “determining” may include receiving (e.g., receivinginformation), accessing (e.g., accessing data in a memory) and the likevia a hardware element without user intervention. Also, “determining”may include resolving, selecting, choosing, establishing, and the likevia a hardware element without user intervention.

As used herein, the terms “provide” or “providing” encompass a widevariety of actions. For example, “providing” may include storing a valuein a location of a storage device for subsequent retrieval, transmittinga value directly to the recipient via at least one wired or wirelesscommunication medium, transmitting or storing a reference to a value,and the like. “Providing” may also include encoding, decoding,encrypting, decrypting, validating, verifying, and the like via ahardware element.

As used herein, the term “message” encompasses a wide variety of formatsfor communicating (e.g., transmitting or receiving) information. Amessage may include a machine readable aggregation of information suchas an XML document, fixed field message, comma separated message, or thelike. A message may, in some implementations, include a signal utilizedto transmit one or more representations of the information. Whilerecited in the singular, it will be understood that a message may becomposed, transmitted, stored, received, etc. in multiple parts.

As used herein a “user interface” (also referred to as an interactiveuser interface, a graphical user interface or a UI) may refer to anetwork based interface including data fields and/or other controls forreceiving input signals or providing electronic information and/or forproviding information to the user in response to any received inputsignals. A UI may be implemented in whole or in part using technologiessuch as hyper-text mark-up language (HTML), Flash, Java, .net, webservices, and rich site summary (RSS). In some implementations, a UI maybe included in a stand-alone client (for example, thick client, fatclient) configured to communicate (e.g., send or receive data) inaccordance with one or more of the aspects described.

While the above detailed description has shown, described, and pointedout novel features as applied to various embodiments, it can beunderstood that various omissions, substitutions, and changes in theform and details of the devices or algorithms illustrated can be madewithout departing from the spirit of the disclosure. As can berecognized, certain embodiments described herein can be embodied withina form that does not provide all of the features and benefits set forthherein, as some features can be used or practiced separately fromothers. The scope of certain embodiments disclosed herein is indicatedby the appended claims rather than by the foregoing description. Allchanges which come within the meaning and range of equivalency of theclaims are to be embraced within their scope.

What is claimed is:
 1. A method for controlling access to online games,the method comprising: generating an identity token for a remote player,wherein the identity token is unique to the remote player, and whereinthe identity token comprises an invitation number for the remote player;providing the identity token to the remote player; receiving, from agaming device associated with the remote player, a first messagerequesting to associate a player profile of the remote player withbiometric facial information, wherein the first message comprises theidentity token; verifying validity of the identity token; determiningthe identity of the remote player using the identity token; receiving,from the gaming device, a first image of the remote player; associatingthe first image with the player profile of the remote player, the playerprofile stored in a player data store; receiving a second image from thegaming device; comparing pixel information in the first image and thesecond image to determine whether the remote player is present in thesecond image; and causing display of graphical indicia of online gamesavailable for play via the gaming device based on the player profile ofthe remote player.
 2. The method of claim 1, further comprising:determining the player profile of the remote player does not includebiometric facial information; and prior to receiving the first messageincluding the identity token, transmitting a second message to thegaming device associated with the remote player requesting the remoteplayer to provide the first image of the remote player, wherein thesecond message comprises the identity token.
 3. The method of claim 2,wherein the second message activates a gaming application on the gamingdevice associated with the remote player to cause display, via thegaming device associated with the remote player, of an avatar, andwherein the avatar requests the remote player to provide imageregistration.
 4. The method of claim 1, wherein the first messagefurther comprises a player tracking card number identifying the playerprofile of the remote player.
 5. The method of claim 1, furthercomprising in response to receiving the first message including theidentity token from the gaming device: causing display, via the gamingdevice, of an avatar; and requesting the remote player to provide imageauthentication.
 6. The method of claim 1, further comprising:associating the second image with the player profile of the remoteplayer; and storing the second image in the player data store.
 7. Themethod of claim 1, wherein the gaming device is accessible within anarea, and the method further comprises: causing capturing of the secondimage of at least a portion of the area using an imaging device coupledwith the gaming device.
 8. The method of claim 7, further comprising,prior to causing capturing of the second image, receiving permission ofthe remote player to access the imaging device to capture the secondimage.
 9. The method of claim 1, further comprising: identifying a setof online games available for play; determining a person prohibited fromplaying is shown in the second image based on pixel analysis of thesecond image and an image of the person prohibited from playing; andremoving an online game from the set of online games, wherein causingdisplay of graphical indicia of online games comprises causing displayof graphical indicia of the set of online games.
 10. The method of claim1, further comprising: receiving a second message granting permission bythe remote player, during a play of one of a first class of onlinegames, access to the gaming device to confirm an identity of the remoteplayer.
 11. The method of claim 10, further comprising: receiving athird message revoking permission by the remote player, during the playof the one of the first class of online games, access to the gamingdevice to confirm the identity of the remote player; terminating theplay of the one of the first class of online games; and causing displayof graphical indicia of a second class of online games available forplay via the gaming device.
 12. The method of claim 10, furthercomprising: during the play of the one of the first class of onlinegames by a player, accessing the gaming device to capture biometricinformation of the player using the gaming device; detecting adiscrepancy between the biometric information of the player using thegaming device and the remote player; and terminating the play of the oneof the first class of online games.
 13. The method of claim 12, furthercomprising: determining a time to confirm the identity of the remoteplayer based at least in part on the first class of online games;initiating a timer for the play of the one of the first class of onlinegames; detecting the time to confirm the identity using the timer; andaccessing the gaming device to capture the biometric information uponthe detecting of the time.
 14. The method of claim 12, furthercomprises: retrieving historical game play behavior for the remoteplayer; collecting game play behavior for the play of the one of thefirst class of online games; detecting a discrepancy between thehistorical game play behavior and the game play behavior; and accessingthe gaming device to capture the biometric information upon determiningthe discrepancy.
 15. The method of claim 12, further comprises:retrieving prohibited game play behavior for the one of the first classof online games; collecting game play behavior for the play of the oneof the first class of online games; determining the game play behavioris consistent with the prohibited game play behavior; and accessing thegaming device to capture the biometric information upon determining thegame play behavior is consistent with the prohibited game play behavior.16. The method of claim 12, wherein accessing the gaming device tocapture biometric information of the player using the gaming devicecomprises: receiving a third image; and determining the remote player ispresent in the third image by pixel analysis of the first image and thethird image.
 17. An apparatus for controlling access to online games,the apparatus comprising: a biometric data store configured to storeauthenticated biometric information of players, wherein the playersinclude a remote player; and a processor configured to executeinstructions stored in a non-transitory medium that cause the apparatusto: generate an identity token for a remote player, wherein the identitytoken is unique to the remote player, and wherein the identity tokencomprises an invitation number for the remote player; provide theidentity token to the remote player; receive, from a gaming deviceassociated with the remote player, a first message requesting toassociate a player profile of the remote player with biometric facialinformation, wherein the first message comprises the identity token;verify validity of the identity token; determine the identity of theremote player using the identity token; receive permissions for theremote player, the permissions granting or denying access to a biometricdetector for capture of biometric information for the remote playeraccessing an online game; receive, from the gaming device, biometricinformation of the remote player captured by the biometric detector; andassociate the authenticated biometric information with the playerprofile of the remote player, the player profile stored in a player datastore; acquire biometric information of the remote player; compare thebiometric information for the remote player with authenticated biometricinformation of the remote player; identify a set of online gamesavailable for play from a game store based at least in part on: thepermissions, and a comparison of biometric information for the remoteplayer with the authenticated biometric information of the remoteplayer; and cause display of graphical indicia of the set of onlinegames available for play by the remote player.
 18. The apparatus ofclaim 17, wherein the processor is further configured by theinstructions to cause the apparatus to: prior to receiving the firstmessage including the identity token, transmit a second message to thegaming device associated with the remote player requesting the remoteplayer to provide the biometric information of the remote player,wherein the second message comprises the identity token.
 19. Theapparatus of claim 17, wherein the first message further comprises aplayer tracking card number identifying the player profile of the remoteplayer.
 20. The apparatus of claim 17, wherein the processor is furtherconfigured by the instructions to cause the apparatus to: cause display,via the gaming device, of an avatar; and request the remote player toprovide image authentication.
 21. An apparatus for controlling access toonline games, the apparatus comprising: a biometric detector configuredto capture biometric information for authenticating a remote player; aprocessor configured to execute instructions stored in a non-transitorymedium that cause the apparatus to: receive, from a gaming server, anidentity token for a remote player, wherein the identity token is uniqueto the remote player, and wherein the identity token comprises aninvitation number for the remote player; transmit, to the gaming server,a first message requesting to associate a player profile of the remoteplayer with biometric information, wherein the first message comprisesthe identity token; receive, from the gaming server, an indicationverifying validity of the identity token; receive, from the gamingserver, an indication verifying the identity of the remote player usingthe identity token; provide authenticated biometric information of theremote player to a gaming server, wherein the gaming server associatesthe authenticated biometric information with the player profile of theremote player, and wherein the gaming server stores the player profilein a player data store; receive permissions for the remote player, thepermissions granting or denying access to the biometric detector forcapture of the biometric information; transmit the biometric informationto the gaming server; receive a comparison result from the gamingserver, the comparison result indicating whether the biometricinformation for the remote player matches authenticated biometricinformation for the remote player; identify a set of online gamesavailable for play from a game store based at least in part on: thepermissions, and the comparison result; and display graphical indicia ofthe set of online games available for play by the remote player.
 22. Theapparatus of claim 21, wherein the biometric detector comprises animaging device, wherein the imaging device is configured to captureimage data for authenticating the remote player.
 23. The apparatus ofclaim 22, wherein the processor is further configured by theinstructions to cause the apparatus to receive a player tracking cardnumber of the remote player from a player tracking card, and wherein theprocessor is further configured by the instructions to cause theapparatus to identify the set of online games based on the playertracking card number.
 24. The apparatus of claim 21, wherein theprocessor is further configured by the instructions to cause theapparatus to: during the play of the set of online games available forplay, capture biometric information of the player using the biometricdetector; detect a discrepancy between the biometric information of theplayer captured using the biometric detector and the remote player; andterminate the play of the one of the set of online games available forplay.
 25. The apparatus of claim 24, wherein the processor is furtherconfigured by the instructions to cause the apparatus to: retrievehistorical game play behavior for the remote player; collect game playbehavior for the play of the one of the set of online games availablefor play; detect a discrepancy between the historical game play behaviorand the game play behavior; and capture the biometric information upondetermining the discrepancy.
 26. The apparatus of claim 24, wherein theprocessor is further configured by the instructions to cause theapparatus to: retrieve prohibited game play behavior for the one of theset of online games available for play; collect game play behavior forthe play of the one of the set of online games available for play;determine the game play behavior is consistent with the prohibited gameplay behavior; and capture the biometric information upon determiningthe game play behavior is consistent with the prohibited game playbehavior.
 27. The apparatus of claim 24, wherein the processor isfurther configured by the instructions to cause the apparatus to:determine a time to confirm the identity of the remote player based atleast in part on the set of online games available for play; initiate atimer for the play of the set of online games available for play; detectthe time to confirm the identity using the timer; and capture thebiometric information upon the detecting the time.
 28. A method ofcontrolling access to online games, the method comprising: receiving anidentity token for a remote player, wherein the identity token is uniqueto the remote player, and wherein the identity token comprises aninvitation number for the remote player; transmitting, to a gamingserver, a first message requesting to associate a player profile of theremote player with biometric information, wherein the first messagecomprises the identity token; receiving, from the gaming server, anindication verifying validity of the identity token; receiving, from thegaming server, an indication verifying the identity of the remote playerusing the identity token; providing authenticated biometric informationof the remote player to the gaming server, wherein the gaming serverassociates the authenticated biometric information with the playerprofile of the remote player, and wherein the gaming server stores theplayer profile in a player data store; receiving permissions for theremote player, the permissions granting or denying access to a biometricdetector for capture of biometric information for the remote player;capturing the biometric information for authenticating a remote playerbased on the permissions; transmitting the biometric information togaming server; receiving a comparison result from the gaming server, thecomparison result indicating whether the biometric information for theremote player matches authenticated biometric information for the remoteplayer; identifying a set of online games available for play from a gamestore based at least in part on: the permissions, and the comparisonresult; and display graphical indicia of the set of online gamesavailable for play by the remote player.